nuclei-templates/http/technologies/element-web-detect.yaml

40 lines
1.1 KiB
YAML
Raw Permalink Normal View History

id: element-web-detect
2023-11-30 04:44:41 +00:00
info:
name: Element Web - Detect
author: davidegirardi
2023-11-30 04:44:41 +00:00
severity: info
description: Identify if a web application is vanilla Element Web and return the version
2024-09-10 09:08:16 +00:00
classification:
cpe: cpe:2.3:a:matrix:element:*:*:*:*:*:*:*:*
2023-11-30 04:44:41 +00:00
metadata:
verified: true
max-request: 2
2024-09-10 08:22:50 +00:00
vendor: matrix
2024-09-10 09:08:16 +00:00
product: element
shodan-query: html:"manifest.json"
tags: tech,matrix,element,detect
2023-11-30 04:44:41 +00:00
http:
- method: GET
path:
- "{{BaseURL}}/manifest.json"
- "{{BaseURL}}/version"
host-redirects: true
max-redirects: 2
2023-11-30 04:44:41 +00:00
matchers:
- type: dsl
dsl:
- 'status_code_1 == 200'
2023-11-30 04:44:41 +00:00
- 'contains(content_type_1, "application/json")'
- 'contains(json_minify(body_1), "\"name\":\"Element\"")'
- 'status_code_2 == 200'
2023-11-30 04:44:41 +00:00
condition: and
extractors:
- type: regex
part: body
regex:
- '[^\s]+'
2024-09-12 05:14:01 +00:00
# digest: 4a0a004730450221008b57f71a27e5505161674665d2f0733c84e7d9436c3c4be711e9556de5d7947c0220308911b97a506eed8f5d8a2733462e9fb14fa59b287dc1440ef527879b3cffce:922c64590222798bb761d5b6d8e72950