nuclei-templates/http/technologies/boa-web-server.yaml

id: boa-web-server

info:
  name: Boa Web Server - Detect
  author: johnk3r
  severity: info
  description: |
    Boa is a single-tasking HTTP server. That means that unlike traditional web servers, it does not fork for each incoming connection, nor does it fork many copies of itself to handle multiple connections.
  reference:
    - https://www.microsoft.com/en-us/security/blog/2022/11/22/vulnerable-sdk-components-lead-to-supply-chain-risks-in-iot-and-ot-environments/
    - http://www.boa.org/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 1
    shodan-query: "Server: Boa/"
  tags: boa,tech

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - "Server: Boa/"

    extractors:
      - type: kval
        part: header
        kval:
          - Server
# digest: 490a0046304402202a45b52e578317f8965b3218167ea6f362a161e3ed98fefecbfeaaa2e89c675f02206b2c6c1ebe181ea4ae0b9cb785c87469ec83eb9b1df2f45bcb13ed52c33c46a7:922c64590222798bb761d5b6d8e72950
Update and rename boa-webserver.yaml to boa-web-server.yaml 2024-05-14 09:33:54 +00:00			`id: boa-web-server`
Create boa-webserver.yaml 2024-04-30 22:12:01 +00:00
			`info:`
Update and rename boa-webserver.yaml to boa-web-server.yaml 2024-05-14 09:33:54 +00:00			`name: Boa Web Server - Detect`
Create boa-webserver.yaml 2024-04-30 22:12:01 +00:00			`author: johnk3r`
			`severity: info`
Update and rename boa-webserver.yaml to boa-web-server.yaml 2024-05-14 09:33:54 +00:00			`description: \|`
			`Boa is a single-tasking HTTP server. That means that unlike traditional web servers, it does not fork for each incoming connection, nor does it fork many copies of itself to handle multiple connections.`
Update boa-webserver.yaml 2024-04-30 22:16:59 +00:00			`reference:`
			`- https://www.microsoft.com/en-us/security/blog/2022/11/22/vulnerable-sdk-components-lead-to-supply-chain-risks-in-iot-and-ot-environments/`
Update boa-webserver.yaml 2024-05-04 23:07:21 +00:00			`- http://www.boa.org/`
Create boa-webserver.yaml 2024-04-30 22:12:01 +00:00			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
			`cwe-id: CWE-200`
Update and rename boa-webserver.yaml to boa-web-server.yaml 2024-05-14 09:33:54 +00:00			`metadata:`
			`verified: true`
			`max-request: 1`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`shodan-query: "Server: Boa/"`
Update boa-webserver.yaml 2024-05-04 23:07:45 +00:00			`tags: boa,tech`
Create boa-webserver.yaml 2024-04-30 22:12:01 +00:00
			`http:`
			`- method: GET`
			`path:`
Update boa-webserver.yaml 2024-04-30 22:19:25 +00:00			`- "{{BaseURL}}"`
Create boa-webserver.yaml 2024-04-30 22:12:01 +00:00
			`matchers-condition: and`
			`matchers:`
			`- type: regex`
			`part: header`
			`regex:`
Update and rename boa-webserver.yaml to boa-web-server.yaml 2024-05-14 09:33:54 +00:00			`- "Server: Boa/"`
Create boa-webserver.yaml 2024-04-30 22:12:01 +00:00
			`extractors:`
			`- type: kval`
			`part: header`
			`kval:`
			`- Server`
Auto Template Signing [Sat Jun 8 16:02:16 UTC 2024] :robot: 2024-06-08 16:02:17 +00:00			`# digest: 490a0046304402202a45b52e578317f8965b3218167ea6f362a161e3ed98fefecbfeaaa2e89c675f02206b2c6c1ebe181ea4ae0b9cb785c87469ec83eb9b1df2f45bcb13ed52c33c46a7:922c64590222798bb761d5b6d8e72950`