提交指纹-[tableau] - Githubissues

j4vaovo commented 1 year ago

测试目标

https://dev.tableau.pwc.it/

指纹的Yaml规则

name: tableau
priority: 3
nuclei_tags:
- - tableau
fingerprint:
- path: /
  request_method: get
  request_headers: {}
  request_data: ''
  status_code: 0
  headers: {}
  keyword: []
  favicon_hash: 
    - 783f669ae8336979325ef497a5e43037
- path: /
  request_method: get
  request_headers: {}
  request_data: ''
  status_code: 0
  headers: {}
  keyword: 
    - src="/javascripts/api/tableau-
  favicon_hash: []

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash fingerprint[0]: missing field `status_code` at line 6 column 3 ```

验证结果：

是否识别成功： false

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash fingerprint[0]: missing field `status_code` at line 6 column 3 ```

验证结果：

是否识别成功： false

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: [38;5;10mhttps://dev.tableau.pwc.it/[39m HEADERS: date: Tue, 02 May 2023 02:24:28 GMT server: Tableau last-modified: Tue, 08 Nov 2022 12:15:50 GMT etag: "504-5ecf4802a8980-gzip" accept-ranges: bytes cache-control: no-cache, no-store, must-revalidate expires: -1 vary: Accept-Encoding x-iinfo: 7-8528437-8528439 NNNN CT(134 134 0) RT(1682994267926 21) q(0 0 3 0) r(4 4) U12 x-tableau: Tableau Server p3p: CP="NON" x-ua-compatible: IE=Edge x-content-type-options: nosniff x-xss-protection: 1; mode=block referrer-policy: no-referrer-when-downgrade content-security-policy-report-only: connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data: tableau-desktop:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline' pragma: no-cache content-type: text/html; charset=utf-8 set-cookie: visid_incap_2661319=QsKn3CnXS2WN1hSDPzB+6lt0UGQAAAAAQUIPAAAAAABpQE+P9vRel4XG9Lp1AHni; expires=Tue, 30 Apr 2024 06:23:46 GMT; HttpOnly; path=/; Secure; SameSite=None strict-transport-security: max-age=31536000; includeSubDomains x-cdn: Imperva transfer-encoding: chunked STATUS_CODE: 200 TEXT:

[38;5;9mFAVICON: { "https://dev.tableau.pwc.it/favicon.ico": "783f669ae8336979325ef497a5e43037", }[39m Matching fingerprintV3WebFingerPrint { name: "tableau", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "783f669ae8336979325ef497a5e43037", ], headers: {}, keyword: [], }, } ```

验证结果：

是否识别成功： true

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash did not find expected key at line 15 column 2, while parsing a block mapping ```

验证结果：

是否识别成功： false

github-actions[bot] commented 1 year ago

验证过程:

点击展开查看

```bash URL: [38;5;10mhttps://dev.tableau.pwc.it/[39m HEADERS: date: Tue, 02 May 2023 02:32:55 GMT server: Tableau last-modified: Tue, 08 Nov 2022 12:15:50 GMT etag: "504-5ecf4802a8980-gzip" accept-ranges: bytes cache-control: no-cache, no-store, must-revalidate expires: -1 vary: Accept-Encoding x-iinfo: 6-72952447-72952449 NNNN CT(87 89 0) RT(1682994774943 12) q(0 0 2 0) r(3 3) U12 x-tableau: Tableau Server p3p: CP="NON" x-ua-compatible: IE=Edge x-content-type-options: nosniff x-xss-protection: 1; mode=block referrer-policy: no-referrer-when-downgrade content-security-policy-report-only: connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data: tableau-desktop:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline' pragma: no-cache content-type: text/html; charset=utf-8 set-cookie: visid_incap_2661319=xW5pVeVHTuOcyETDUZcmF1Z2UGQAAAAAQUIPAAAAAAAtX89s83YMoz0s+WXTmerG; expires=Tue, 30 Apr 2024 06:08:11 GMT; HttpOnly; path=/; Secure; SameSite=None strict-transport-security: max-age=31536000; includeSubDomains x-cdn: Imperva transfer-encoding: chunked STATUS_CODE: 200 TEXT:

[38;5;9mFAVICON: { "https://dev.tableau.pwc.it/favicon.ico": "783f669ae8336979325ef497a5e43037", }[39m Matching fingerprintV3WebFingerPrint { name: "tableau", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [], headers: {}, keyword: [ "src=\"/javascripts/api/tableau-", ], }, } Matching fingerprintV3WebFingerPrint { name: "tableau", priority: 3, request: WebFingerPrintRequest { path: "/", request_method: "get", request_headers: {}, request_data: "", }, match_rules: WebFingerPrintMatch { status_code: 0, favicon_hash: [ "783f669ae8336979325ef497a5e43037", ], headers: {}, keyword: [], }, } ```

验证结果：

是否识别成功： true

github-actions[bot] commented 1 year ago

审核通过:

指纹规则已经合并，感谢提交。

0x727 / FingerprintHub

提交指纹-[tableau] #95

测试目标

指纹的Yaml规则

验证过程:

验证结果：

验证过程:

验证结果：

验证过程:

验证结果：

验证过程:

验证结果：

验证过程:

验证结果：

审核通过: