From 8ce3615e09f63831947f8120dcaf481b6d7b155f Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Thu, 17 Feb 2022 12:51:43 -0500 Subject: [PATCH 1/2] Create web-suite-detect.yaml --- technologies/web-suite-detect.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 technologies/web-suite-detect.yaml diff --git a/technologies/web-suite-detect.yaml b/technologies/web-suite-detect.yaml new file mode 100644 index 0000000000..dd9f9cd648 --- /dev/null +++ b/technologies/web-suite-detect.yaml @@ -0,0 +1,27 @@ +id: web-suite-detect + +info: + name: Web Suite Detect + author: pikpikcu + severity: info + metadata: + fofa-query: "Web Suite 2021 Login" + tags: tech,web-suite + +requests: + - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/ws2020/" + - "{{BaseURL}}/ws2021/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'href="http://www.bqe.com">BQE Software Inc.' + + - type: status + status: + - 200 From 647e6122bb4c42ba4fd29370c7b643784ed184cf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 22 Feb 2022 11:17:50 +0530 Subject: [PATCH 2/2] Update web-suite-detect.yaml --- technologies/web-suite-detect.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/technologies/web-suite-detect.yaml b/technologies/web-suite-detect.yaml index dd9f9cd648..33bf8280f2 100644 --- a/technologies/web-suite-detect.yaml +++ b/technologies/web-suite-detect.yaml @@ -20,8 +20,17 @@ requests: - type: word part: body words: - - 'href="http://www.bqe.com">BQE Software Inc.' + - 'www.bqe.com">BQE Software Inc.' + - 'Web Suite' + condition: and - type: status status: - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "Version: (.*)"