Closed adfoster-r7 closed 1 year ago
Adds a new Set-Cookie fingerprint for Laravel - a PHP web application framework
Run the server from vulhub:
$ docker run -p 9001:80 vulhub/laravel:8.4.2
Curl output example:
$ curl -I http://localhost:9001
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 16:59:08 GMT
Server: Apache/2.4.38 (Debian)
X-Powered-By: PHP/7.4.15
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6Im1KOUxDMC9BeTJCZkllSklkYXF3eGc9PSIsInZhbHVlIjoibDFoQ1JZcVdobjdyaHQ2SjNoR1dQaS94Qnk5THIxYzNKclZGekVEVzd0VHE0T3NBNkN1Y0FqaGxsVVg0SzhGV3NKM1dNSzlkc2NabDBHT2twcUVFMTNmL3JMMGxLSDh1cUlaQzhqMEZpckpDbkx0REg2UkNtR21rRkw5N05WR1ciLCJtYWMiOiJkZTZhMTc2ZTMzZmMwODYyOGE1OWRkN2U0Y2JjOTI5MDZiY2UzNGZhNjQ4OGU5ZDY3NDkzZjQ3NjYwYmViOTVkIn0%3D; expires=Mon, 13-Mar-2023 18:59:08 GMT; Max-Age=7200; path=/; samesite=lax
Set-Cookie: laravel_session=eyJpdiI6ImtMa0k3VHNIVXBkMlZlc28xV3pFNnc9PSIsInZhbHVlIjoiWUhPTkFjSGZlWmVUNyt1OU9qd0t1SDdSZmhVNDVVbFBMWXBKVnhDN1ozYW5aZFNObTdLQ0tQNEFWMC90OU9CaDBPaU00SklBZ2hmRGNZREwxcVBMRlQ1ay85bmx6NHBkcEt2MWdIR1JSQjVpNFNKS3QzY1ZpcGdSYWt5L1FQcnAiLCJtYWMiOiI1MmM0ODZmYWE1MWY5NDkwZDVmN2NmMmZlZjA4MjNjMjljZDRjYzkxY2FmMjI5NTY3YTA4YjYxMzc4ZDJiYWFmIn0%3D; expires=Mon, 13-Mar-2023 18:59:08 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Content-Type: text/html; charset=UTF-8
Running through recog:
$ curl --silent -I http://localhost:9001 | grep -i '^Set-Cookie:' | cut -d: -f2- | bin/recog_match xml/http_cookies.xml - | grep MATCH
MATCH: {"matched"=>"Laravel PHP web application framework", "service.vendor"=>"laravel", "service.product"=>"laravel", "service.cpe23"=>"cpe:/a:laravel:laravel:-", "service.protocol"=>"http", "fingerprint_db"=>"http_header.cookie", "data"=>"laravel_session=eyJpdiI6IkZhSGdNakRVUUtpS1ZYck5wcTl1cGc9PSIsInZhbHVlIjoiR3FlWVFXTXIzNW5BRVhoRHhkMk5NYnhzcVovSU4vL1JZRXVDbEpWUnM5TWs0MW0zWmRORTAzVFZjcVljd2lidHVsWWZ3aGNvRXdMTFNBcThadFRMKytyU20vV3p0T0xaTEI3NnpNU1Z5WW9ySkxQaDBMMkFSRDNJK3J0QmtWL3kiLCJtYWMiOiIwZmNlOTIwZjkxMThhZGUzZDViZDcwNjJkMzE4MWEzMDE1OWJjNTAwNTZiYjBkODMwZDliYTlhOWFiZjAyMTU5In0%3D; expires=Mon, 13-Mar-2023 18:59:21 GMT; Max-Age=7200; path=/; httponly; samesite=lax"}
Note: Laravel doesn't have a favicon by default; it's just an empty file, so I didn't include that fingerprint - https://github.com/laravel/laravel/blob/9ae75b58a1ffc00ad36bf1e877fe2bf9ec601b82/public/favicon.ico
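An added example, not code from this PR or from recog: it contrasts a name-based match like the one in the recog run above with a name-independent check for the iv/value/mac JSON envelope that the cookie values in the curl output decode to, since Laravel's session cookie name is configurable in `config/session.php`. The regex, the helper names and the sample cookies are assumptions; the actual pattern lives in `xml/http_cookies.xml` and is not shown on the page.

```ruby
require 'base64'
require 'cgi'
require 'json'

# Hypothetical stand-in for the fingerprint this PR adds. The params mirror
# the MATCH output above; the regex itself is an assumption.
FINGERPRINT = {
  pattern: /\Alaravel_session=/i,
  params: {
    'matched'          => 'Laravel PHP web application framework',
    'service.vendor'   => 'laravel',
    'service.product'  => 'laravel',
    'service.cpe23'    => 'cpe:/a:laravel:laravel:-',
    'service.protocol' => 'http'
  }
}.freeze

# Name-based match on a Set-Cookie value, as in the recog run above.
def match_by_name(set_cookie)
  FINGERPRINT[:pattern].match?(set_cookie.strip) ? FINGERPRINT[:params] : nil
end

# Name-independent heuristic: the cookie value URL-decodes and base64-decodes
# to a JSON object carrying string "iv", "value" and "mac" keys.
def laravel_envelope?(set_cookie)
  _name, value = set_cookie.strip[/\A[^;]*/].split('=', 2)
  return false if value.nil? || value.empty?

  doc = JSON.parse(Base64.strict_decode64(CGI.unescape(value)))
  doc.is_a?(Hash) && %w[iv value mac].all? { |k| doc[k].is_a?(String) }
rescue ArgumentError, JSON::ParserError, EncodingError
  false
end

# Constructed sample cookie (values are made up, not taken from the page).
def sample_cookie(name)
  envelope = { 'iv'    => Base64.strict_encode64('0' * 16),
               'value' => Base64.strict_encode64('constructed'),
               'mac'   => 'ab' * 32 }
  encoded = CGI.escape(Base64.strict_encode64(envelope.to_json))
  "#{name}=#{encoded}; path=/; httponly; samesite=lax"
end
```

A cookie renamed to something like `acme_portal_session` (constructed name) is missed by `match_by_name` but still recognised by `laravel_envelope?`, which is the coverage gap to keep in mind when relying on the name-based fingerprint alone.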