当指纹的matchers 里只有favicon类型的时候不发包

emo-crab / observer_ward

侦查守卫(observer_ward)Web应用和服务指纹识别工具

https://emo-crab.github.io/observer_ward/

GNU General Public License v3.0

1.24k stars 135 forks source link

当指纹的matchers 里只有favicon类型的时候不发包 #312

Closed ic3s3137 closed 3 months ago

ic3s3137 commented 3 months ago

id: zimbra-favicon
info:
  name: zimbra-favicon
  author: test
  tags: detect,tech,zimbra
  severity: info
  metadata:
    product: Zimbra
    vendor: Zimbra
    verified: true
http:
- method: GET
  path:
  - '{{BaseURL}}/'
  matchers:
  - type: favicon
    hash:
    - "1624375939"

cn-kali-team commented 3 months ago

由于优化请求的时候，把图标哈希规则单独排在最后了，只有在首页请求中找到了图标才会进行规则匹配，现在当没有首页请求我默认加了一个进去。等ci构建好就可以更新了