Update favicon-detect.yaml

patch-1
Ritik Chaddha 2024-03-08 18:58:41 +05:30
parent 8f2d14fb5b
commit 0e03b27276
1 changed files with 24 additions and 9 deletions

View File

@ -35,19 +35,24 @@ http:
- "status_code==200 && (\"-503480258\" == mmh3(base64_py(body)))"
- type: dsl
name: oracle
name: "oracle"
dsl:
- "len(body)==1150 && status_code==200 && (\"421e176ae0837bcc6b879ef55adbc897\" == md5(body))"
- "status_code==200 && (\"1414300307\" == mmh3(base64_py(body)))"
- type: dsl
name: hitachi
name: "hitachi"
dsl:
- "len(body)==894 && status_code==200 && (\"41e9c43dc5e994ca7a40f4f92b50d01d\" == md5(body))"
- "status_code==200 && (\"92627686\" == mmh3(base64_py(body)))"
- type: dsl
name: meinberg
name: "hitachi-management"
dsl:
- "len(body)==1406 && status_code==200 && (\"4b2524b4f28eac7d0e872b0e1323c02d\" == md5(body))"
- "status_code==200 && (\"94231047\" == mmh3(base64_py(body)))"
- type: dsl
name: "meinberg"
dsl:
- "status_code==200 && (\"-676779906\" == mmh3(base64_py(body)))"
- type: dsl
name: "slack-instance"
@ -3367,7 +3372,7 @@ http:
- type: dsl
name: "MSNSwitch Firmware MNT"
dsl:
- "status_code==200 && (\"-2073748627 || http.favicon.hash\" == mmh3(base64_py(body)))"
- "status_code==200 && (\"-2073748627\" == mmh3(base64_py(body)))"
- type: dsl
name: "HotelDruid Hotel Management Software"
@ -3462,7 +3467,17 @@ http:
- type: dsl
name: "Fortra GoAnywhere MFT"
dsl:
- "status_code==200 && (\"1484947000,1828756398,1170495932\" == mmh3(base64_py(body)))"
- "status_code==200 && (\"1170495932\" == mmh3(base64_py(body)))"
- type: dsl
name: "GoAnywhere"
dsl:
- "status_code==200 && (\"1828756398\" == mmh3(base64_py(body)))"
- type: dsl
name: "GoAnywhere Web Client"
dsl:
- "status_code==200 && (\"1484947000\" == mmh3(base64_py(body)))"
- type: dsl
name: "Qlik Sense Enterprise"
@ -3726,4 +3741,4 @@ http:
- type: dsl
dsl:
- 'mmh3(base64_py(body))'
# digest: 4a0a004730450220427edfee32645dec95891fe6e1b132c390f7eb122d6e80cd7727e2b1ef4bd822022100fc34f567cc72b46baa3e0b6f0d22dae4b44fd94ca61ce0305f764b1cc5f45f65:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220427edfee32645dec95891fe6e1b132c390f7eb122d6e80cd7727e2b1ef4bd822022100fc34f567cc72b46baa3e0b6f0d22dae4b44fd94ca61ce0305f764b1cc5f45f65:922c64590222798bb761d5b6d8e72950