2022-08-14 04:49:33 +00:00
id : fastcgi-echo
2022-08-13 15:46:29 +00:00
info :
2023-03-07 22:52:23 +00:00
name : FastCGI Echo Endpoint Script - Detect
2022-08-13 15:46:29 +00:00
author : powerexploit
severity : info
2022-08-13 16:30:35 +00:00
description : |
2023-03-07 22:52:23 +00:00
FastCGI echo endpoint script was detected, which lists several kinds of sensitive information such as port numbers, server software versions, port numbers, and IP addresses.
2023-03-07 22:44:41 +00:00
remediation : Remove or disable FastCGI module delivered with the Apache httpd server which is incorporated into the Oracle Application Server.FastCGI echo programs (echo and echo2).
2022-08-13 16:31:01 +00:00
reference :
2022-08-13 15:46:29 +00:00
- https://www.exploit-db.com/ghdb/183
- https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
2022-08-13 16:30:35 +00:00
metadata :
verified : true
2023-10-14 11:27:55 +00:00
max-request : 1
2022-09-08 22:39:14 +00:00
google-query : inurl:fcgi-bin/echo
2022-08-27 04:41:18 +00:00
tags : exposure,logs,oracle,fastcgi,edb
2022-08-13 15:46:29 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-08-13 15:46:29 +00:00
- method : GET
path :
- "{{BaseURL}}/fcgi-bin/echo"
matchers-condition : and
matchers :
- type : word
part : body
words :
- "<title>FastCGI echo</title>"
2022-08-13 16:37:24 +00:00
- type : word
part : header
words :
- "text/html"
2022-08-13 15:46:29 +00:00
- type : status
status :
- 200