search

xiecat / fofax

FOFAX是一个基于fofa.info的API命令行查询工具
https://fofax.xiecat.fun/
GNU General Public License v3.0
719 stars 74 forks source link

“有趣”的FOFA查询语句收集计划 #2

Closed 0xf4n9x closed 1 year ago

0xf4n9x commented 2 years ago

收集一些针对有意思的、不限于红队或者安全的FOFA查询搜集语句。

目前已经收集一部分,详见:“有趣”的FOFA查询语句收集计划

大家有好的或者有意思的查询语句欢迎来此Issue下面贡献,后期会将这些所有的“有趣”的FOFA查询语句整合之fofaX中,让fofaX变得更好玩。

提交格式如下:

```yaml
id: fx-2021-01
query: 查询的字符串用于fx="jupyter Unauth" eg:(jupyter Unauth)
rule_name: 规则名称 eg:(jupyter 未授权)
rule_english: jupyter unauthorized
description: 规则描述
author: 作者<邮箱>eg:(becivells)
fofa_query: fofa语句 eg:(body="ipython-main-app" && title="Home Page - Select or create
  a notebook")"
tag:
- 标签1 eg(unauthorized)
- 标签2
source: 语句来源


提交例子
id: fx-2021-01
query: jupyter Unauth
rule_name: jupyter 未授权
rule_english: jupyter unauthorized
description: jupyter 适用于科学计算场景。如果没有设置账号密码很容易通过web界面直接托管机器
author: becivells
fofa_query: body="ipython-main-app" && title="Home Page - Select or create  a notebook")"
tag:
- unauthorized
source:
0xf4n9x commented 2 years ago 
id: google-reverse-proxy
query: Google Reverse
rule_name: Google反代服务器
rule_english: Google Reverse proxy
description: 不用挂代理就可以访问的Google搜索,但搜索记录可能会被记录。
author: fofa
fofa_query: body="var c = Array.prototype.slice.call(arguments, 1);return function() {var d=c.slice();"
tag:
- google
source: https://tp.wjx.top/m/67114073.aspx
0xf4n9x commented 2 years ago 
id: python-simplehttp
query: Python SimpleHTTP
rule_name: Python SimpleHTTP服务器
rule_english: Python SimpleHTTP
description: Python SimpleHTTP临时服务器
author: fofa
fofa_query: (server="SimpleHTTP/0.6 Python/3.6.3" || server="SimpleHTTP/0.6 Python/3.6.8" || server="SimpleHTTP/0.6 Python/3.7.0" || server="SimpleHTTP/0.6 Python/3.7.1" || server="SimpleHTTP/0.6 Python/3.7.2" || server="SimpleHTTP/0.6 Python/3.7.3" || server="SimpleHTTP/0.6 Python/3.7.4" || server="SimpleHTTP/0.6 Python/3.7.5" || server="SimpleHTTP/0.6 Python/3.7.6" || server="SimpleHTTP/0.6 Python/3.7.7" || server="SimpleHTTP/0.6 Python/3.7.8" || server="SimpleHTTP/0.6 Python/3.7.9" || server="SimpleHTTP/0.6 Python/3.8.1" || server="SimpleHTTP/0.6 Python/3.8.2" || server="SimpleHTTP/0.6 Python/3.8.3" || server="SimpleHTTP/0.6 Python/3.8.4" || server="SimpleHTTP/0.6 Python/3.8.5" || server="SimpleHTTP/0.6 Python/3.8.6" || server="SimpleHTTP/0.6 Python/3.8.7" || server="SimpleHTTP/0.6 Python/3.8.8" || server="SimpleHTTP/0.6 Python/3.8.9" || server="SimpleHTTP/0.6 Python/3.9.1" || server="SimpleHTTP/0.6 Python/3.9.2" || server="SimpleHTTP/0.6 Python/3.9.3" || server="SimpleHTTP/0.6 Python/3.9.4" || server="SimpleHTTP/0.6 Python/3.9.5" || server="SimpleHTTP/0.6 Python/3.9.6" || server="SimpleHTTP/0.6 Python/3.9.7" || server="SimpleHTTP/0.6 Python/3.9.8" || server="SimpleHTTP/0.6 Python/3.9.9") && title="Directory listing for"
tag:
- 文件
source: https://tp.wjx.top/m/67114073.aspx