Merge pull request #9315 from righettod/admiralcloud_add

Add detection of AdmiralCloud instances.
patch-1
Ritik Chaddha 2024-03-11 12:27:57 +05:30 committed by GitHub
commit 1e9f2eae87
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 36 additions and 0 deletions

View File

@ -0,0 +1,36 @@
id: admiralcloud-detect
info:
name: AdmiralCloud - Detect
author: righettod
severity: info
description: |
AdmiralCloud was detected.
reference:
- https://www.admiralcloud.com/en/
metadata:
max-request: 1
verified: true
shodan-query: http.title:"AdmiralCloud"
tags: tech,admiralcloud,detect
http:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
max-redirects: 2
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_any(to_lower(body), "content=\"admiralcloud", "<title>admiralcloud")'
condition: and
extractors:
- type: regex
part: body
group: 1
regex:
- '\s+([0-9\.]+)</title>'