nuclei-templates/http/technologies/boa-web-server.yaml

38 lines
1.1 KiB
YAML
Raw Permalink Normal View History

id: boa-web-server
2024-04-30 22:12:01 +00:00
info:
name: Boa Web Server - Detect
2024-04-30 22:12:01 +00:00
author: johnk3r
severity: info
description: |
Boa is a single-tasking HTTP server. That means that unlike traditional web servers, it does not fork for each incoming connection, nor does it fork many copies of itself to handle multiple connections.
2024-04-30 22:16:59 +00:00
reference:
- https://www.microsoft.com/en-us/security/blog/2022/11/22/vulnerable-sdk-components-lead-to-supply-chain-risks-in-iot-and-ot-environments/
2024-05-04 23:07:21 +00:00
- http://www.boa.org/
2024-04-30 22:12:01 +00:00
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cwe-id: CWE-200
metadata:
verified: true
max-request: 1
shodan-query: "Server: Boa/"
2024-05-04 23:07:45 +00:00
tags: boa,tech
2024-04-30 22:12:01 +00:00
http:
- method: GET
path:
2024-04-30 22:19:25 +00:00
- "{{BaseURL}}"
2024-04-30 22:12:01 +00:00
matchers-condition: and
matchers:
- type: regex
part: header
regex:
- "Server: Boa/"
2024-04-30 22:12:01 +00:00
extractors:
- type: kval
part: header
kval:
- Server
# digest: 490a0046304402202a45b52e578317f8965b3218167ea6f362a161e3ed98fefecbfeaaa2e89c675f02206b2c6c1ebe181ea4ae0b9cb785c87469ec83eb9b1df2f45bcb13ed52c33c46a7:922c64590222798bb761d5b6d8e72950