YAML指纹模板
name: SimpleApp
author: Castiel
type: webApp
version: '1.0'
website: https://www.tongda2000.com/
description: "\u6307\u7EB9\u63CF\u8FF0\u4FE1\u606F"
filters:
language: [PHP]
middleware: [apache, nginx]
platform: [windows, Unix]
logic: or
matches:
- {certainty: 100, hash: -759108386, status: 200, url: '/tongda.ico?r={randstr()}'}
- {keyword: 'X-Powered-By: PHP/7.2.24-0ubuntu0.18.04.8', search: headers}
- {aim: version, offset: 1, regex: (aa), search: 'headers[set-cookie]', version: '2.2'}
- {keyword: test <||> referer, name: matchName}
- {status: 200}
sets:
cookies: {cname: 'cValue{randstr(5,true)}'}
data: ''
headers: {testHeader: 'testHeader{randstr(10)}'}
params: {test: bbbb}
模块指纹模板
def _fingers(self):
"""
当前模块指纹定义
:return: dict
"""
fingerprint = {
"name": self.AppName, # 漏洞应用名作为指纹名称
"author": self.Author, # 作者
"version": "1.0", # 版本号
"type": FINGERPRINT.FP_TYPE.WEBAPP, # 指纹类型 详情请参考指纹类型表
"logic": "or", # 匹配逻辑 默认为 or
"description": "指纹描述信息", # 描述信息
"website": "https://www.tongda2000.com/",
"filters": { # 过滤属性,用于从操作系统平台、中间件、和脚本语言3个维度进行过滤
"platform": ['windows', 'Unix'],
"middleware": ['apache', 'nginx'],
"language": ['PHP']
},
"matches": [{"url": "/tongda.ico?r={randstr()}", "hash": -759108386, "certainty": 100, "status": 200},
{"search": "headers", "keyword": "X-Powered-By: PHP/7.2.24-0ubuntu0.18.04.8"},
{"search": "headers[set-cookie]", "regex": "(aa)", "offset": 1, "version": "2.2",
"aim": "version"},
{"name": "matchName", "keyword": "test <||> referer"},
{"status": 200}],
"sets": { # 主动式匹配的一些HTTP Request设置
"headers": {"testHeader": "testHeader{randstr(10)}"},
"cookies": {"cname": "cValue{randstr(5,true)}"},
"params": {"test": "bbbb"},
"data": ""
}
}
return fingerprint