From 3d3b45bfaa80ef1a2058a4fb6daef3c3491e5437 Mon Sep 17 00:00:00 2001 From: lstatro Date: Mon, 1 Apr 2024 16:35:40 -0400 Subject: [PATCH 1/3] Added yourls-detect template --- http/technologies/yourls-detect.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 http/technologies/yourls-detect.yaml diff --git a/http/technologies/yourls-detect.yaml b/http/technologies/yourls-detect.yaml new file mode 100644 index 0000000000..d24dc01cc7 --- /dev/null +++ b/http/technologies/yourls-detect.yaml @@ -0,0 +1,26 @@ +id: yourls-detect + +info: + name: yourls detection + author: lstatro + severity: info + description: Detects if the target is running a YOURLS (Your Own URL Shortener) server + reference: https://github.com/YOURLS/YOURLS + tags: tech,yourls + +http: + - method: GET + path: + - "{{BaseURL}}/readme.html" + redirects: true + max-redirects: 3 + matchers-condition: and + matchers: + - type: word + part: body + words: + - "YOURLS: Your Own URL Shortener" + - "https://github.com/YOURLS/YOURLS/graphs/contributors" + - type: status + status: + - 200 From 5479736cd2ff321d02d30fe0d58e4511ecf1b21f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 2 Apr 2024 09:08:13 +0530 Subject: [PATCH 2/3] minor update --- http/technologies/yourls-detect.yaml | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/http/technologies/yourls-detect.yaml b/http/technologies/yourls-detect.yaml index d24dc01cc7..833099179b 100644 --- a/http/technologies/yourls-detect.yaml +++ b/http/technologies/yourls-detect.yaml @@ -1,19 +1,27 @@ id: yourls-detect info: - name: yourls detection + name: YOURLS - Detection author: lstatro severity: info - description: Detects if the target is running a YOURLS (Your Own URL Shortener) server - reference: https://github.com/YOURLS/YOURLS + description: | + Detects if the target is running a YOURLS (Your Own URL Shortener) server + reference: + - https://github.com/YOURLS/YOURLS + metadata: + max-request: 1 + verified: true + fofa-query: title="Your Own URL Shortener" tags: tech,yourls http: - method: GET path: - "{{BaseURL}}/readme.html" + redirects: true max-redirects: 3 + matchers-condition: and matchers: - type: word @@ -21,6 +29,8 @@ http: words: - "YOURLS: Your Own URL Shortener" - "https://github.com/YOURLS/YOURLS/graphs/contributors" + condition: and + - type: status status: - 200 From 5325f7be95f1707d67cd437b0d07f1e9de314c7d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 3 Apr 2024 10:18:05 +0530 Subject: [PATCH 3/3] Fix FN template --- http/technologies/yourls-detect.yaml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/http/technologies/yourls-detect.yaml b/http/technologies/yourls-detect.yaml index 833099179b..f9c7d99cef 100644 --- a/http/technologies/yourls-detect.yaml +++ b/http/technologies/yourls-detect.yaml @@ -11,13 +11,14 @@ info: metadata: max-request: 1 verified: true + shodan-query: title:"Your Own URL Shortener" fofa-query: title="Your Own URL Shortener" tags: tech,yourls http: - method: GET path: - - "{{BaseURL}}/readme.html" + - "{{BaseURL}}" redirects: true max-redirects: 3 @@ -27,10 +28,20 @@ http: - type: word part: body words: - - "YOURLS: Your Own URL Shortener" - - "https://github.com/YOURLS/YOURLS/graphs/contributors" - condition: and + - 'YOURLS' + - 'content="YOURLS' + - 'alt="YOURLS' + - '/yourls-logo' + condition: or - type: status status: - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'YOURLS<\/a>([ a-z0-9.-]+)' + - 'content="YOURLS([ 0-9.]+)"'