2023-12-07 17:22:42 +00:00
|
|
|
id: element-web-detect
|
2023-11-30 04:44:41 +00:00
|
|
|
|
|
|
|
|
info:
|
2023-12-07 17:22:42 +00:00
|
|
|
name: Element Web - Detect
|
|
|
|
|
author: davidegirardi
|
2023-11-30 04:44:41 +00:00
|
|
|
severity: info
|
|
|
|
|
description: Identify if a web application is vanilla Element Web and return the version
|
|
|
|
|
metadata:
|
|
|
|
|
max-request: 2
|
2023-12-07 17:22:42 +00:00
|
|
|
verified: true
|
|
|
|
|
shodan-query: html:"manifest.json"
|
|
|
|
|
tags: tech,matrix,element,detect
|
2023-11-30 04:44:41 +00:00
|
|
|
|
|
|
|
|
http:
|
|
|
|
|
- method: GET
|
|
|
|
|
path:
|
|
|
|
|
- "{{BaseURL}}/manifest.json"
|
|
|
|
|
- "{{BaseURL}}/version"
|
|
|
|
|
|
2023-12-07 17:22:42 +00:00
|
|
|
host-redirects: true
|
|
|
|
|
max-redirects: 2
|
2023-11-30 04:44:41 +00:00
|
|
|
matchers:
|
|
|
|
|
- type: dsl
|
|
|
|
|
dsl:
|
2023-12-07 17:22:42 +00:00
|
|
|
- 'status_code_1 == 200'
|
2023-11-30 04:44:41 +00:00
|
|
|
- 'contains(content_type_1, "application/json")'
|
|
|
|
|
- 'contains(json_minify(body_1), "\"name\":\"Element\"")'
|
2023-12-07 17:22:42 +00:00
|
|
|
- 'status_code_2 == 200'
|
2023-11-30 04:44:41 +00:00
|
|
|
condition: and
|
|
|
|
|
|
|
|
|
|
extractors:
|
|
|
|
|
- type: regex
|
|
|
|
|
part: body
|
|
|
|
|
regex:
|
|
|
|
|
- '[^\s]+'
|
2023-12-08 05:47:36 +00:00
|
|
|
# digest: 4b0a004830460221008ec2dfa70b996ad6bc7948002035a4fe22f9d90e4bfa5b34bfde8b9f4c3626ca022100943a1046f024911d5144641630a27aa9825baa41e94fc54e313358f39599afb9:922c64590222798bb761d5b6d8e72950
|
