2022-08-14 04:49:33 +00:00
id : fastcgi-echo
2022-08-13 15:46:29 +00:00
info :
2023-03-07 22:52:23 +00:00
name : FastCGI Echo Endpoint Script - Detect
2022-08-13 15:46:29 +00:00
author : powerexploit
severity : info
2022-08-13 16:30:35 +00:00
description : |
2023-03-07 22:52:23 +00:00
FastCGI echo endpoint script was detected, which lists several kinds of sensitive information such as port numbers, server software versions, port numbers, and IP addresses.
2023-03-07 22:44:41 +00:00
remediation : Remove or disable FastCGI module delivered with the Apache httpd server which is incorporated into the Oracle Application Server.FastCGI echo programs (echo and echo2).
2022-08-13 16:31:01 +00:00
reference :
2022-08-13 15:46:29 +00:00
- https://www.exploit-db.com/ghdb/183
- https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
2022-08-13 16:30:35 +00:00
metadata :
verified : true
2023-10-14 11:27:55 +00:00
max-request : 1
2022-09-08 22:39:14 +00:00
google-query : inurl:fcgi-bin/echo
2022-08-27 04:41:18 +00:00
tags : exposure,logs,oracle,fastcgi,edb
2022-08-13 15:46:29 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-08-13 15:46:29 +00:00
- method : GET
path :
- "{{BaseURL}}/fcgi-bin/echo"
matchers-condition : and
matchers :
- type : word
part : body
words :
- "<title>FastCGI echo</title>"
2022-08-13 16:37:24 +00:00
- type : word
part : header
words :
- "text/html"
2022-08-13 15:46:29 +00:00
- type : status
status :
- 200
2023-10-20 11:41:13 +00:00
# digest: 4b0a00483046022100c1515f3e8783832b51ecb2f9f9c894bbc5850ba330d49ebcdad5e01313db1abf022100b7bdb610aef885d22f7ee4934f754bed143ca8ed501c966a8218f328e3279502:922c64590222798bb761d5b6d8e72950
