nuclei-templates/exposures/logs/fastcgi-echo.yaml

id: fastcgi-echo

info:
  name: Fastcgi Echo Endpoint Exposure
  author: powerexploit
  severity: info
  description: |
    FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server.FastCGI echo programs (echo and echo2) should be always removed or disabled in all Oracle Application Servers implementations as they can provide information at an attacker
  reference:
    - https://www.exploit-db.com/ghdb/183
    - https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
  metadata:
    verified: true
    google-query: inurl:fcgi-bin/echo
  tags: exposure,logs,oracle,fastcgi,edb

requests:
  - method: GET
    path:
      - "{{BaseURL}}/fcgi-bin/echo"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>FastCGI echo</title>"

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
Update and rename fastcgi-echo-detect.yaml to fastcgi-echo.yaml 2022-08-14 04:49:33 +00:00			`id: fastcgi-echo`
Added exposures/logs/fastcgi-echo-detect.yaml 2022-08-13 15:46:29 +00:00
			`info:`
Update and rename fastcgi-echo-detect.yaml to fastcgi-echo.yaml 2022-08-14 04:49:33 +00:00			`name: Fastcgi Echo Endpoint Exposure`
Added exposures/logs/fastcgi-echo-detect.yaml 2022-08-13 15:46:29 +00:00			`author: powerexploit`
			`severity: info`
Update fastcgi-echo-detect.yaml 2022-08-13 16:30:35 +00:00			`description: \|`
			`FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server.FastCGI echo programs (echo and echo2) should be always removed or disabled in all Oracle Application Servers implementations as they can provide information at an attacker`
Update fastcgi-echo-detect.yaml 2022-08-13 16:31:01 +00:00			`reference:`
Added exposures/logs/fastcgi-echo-detect.yaml 2022-08-13 15:46:29 +00:00			`- https://www.exploit-db.com/ghdb/183`
			`- https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports`
Update fastcgi-echo-detect.yaml 2022-08-13 16:30:35 +00:00			`metadata:`
			`verified: true`
Replace google-dork with google-query in all templates (#5328) * dos2unix to standardize line endings * Replace google-dork with google-query 2022-09-08 22:39:14 +00:00			`google-query: inurl:fcgi-bin/echo`
Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] :robot: 2022-08-27 04:41:18 +00:00			`tags: exposure,logs,oracle,fastcgi,edb`
Added exposures/logs/fastcgi-echo-detect.yaml 2022-08-13 15:46:29 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/fcgi-bin/echo"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- "<title>FastCGI echo</title>"`

Update fastcgi-echo-detect.yaml 2022-08-13 16:37:24 +00:00			`- type: word`
			`part: header`
			`words:`
			`- "text/html"`

Added exposures/logs/fastcgi-echo-detect.yaml 2022-08-13 15:46:29 +00:00			`- type: status`
			`status:`
			`- 200`