search

augustd / burp-suite-error-message-checks

Burp Suite extension to passively scan for applications revealing server error messages
64 stars 23 forks source link

JBoss Web improvement #37

Closed Hipapheralkus closed 6 years ago

Hipapheralkus commented 6 years ago

Hi, I got 200:ok page with following [redacted] source:

<html><head><title>JBoss Web/7.4.10.Final-redhat-1 - JBWEB000064: Error report</title><style>
...
</head><body><h1>JBWEB000065: HTTP Status 404 - /redacted</h1><HR size="1" noshade="noshade"><p><b>JBWEB000309: type</b> JBWEB000067: Status report</p><p><b>JBWEB000068: message</b> <u>/redacted</u></p><p><b>JBWEB000069: description</b> <u>JBWEB000124: The requested resource is not available.</u></p><HR size="1" noshade="noshade"><h3>JBoss Web/7.4.10.Final-redhat-1</h3></body></html>

I think JBoss error codes are pretty standardized, so it should be easy to write a good regexp:) something like JBWEB[0-9]{6}: should be ok

augustd commented 6 years ago

Thanks! Do you think the ID code will ever be more or less than 6 chars?

augustd commented 6 years ago

Keep 'em coming!