Merge pull request #10515 from righettod/amq_upd

Refactor the "ActiveMQ" template.

http/exposed-panels/activemq-panel.yaml

@@ -2,11 +2,12 @@ id: activemq-panel
 
 info:
   name: Apache ActiveMQ Exposure
-  author: pdteam
+  author: pdteam,righettod
   severity: info
   description: An Apache ActiveMQ implementation was discovered.
   reference:
     - https://activemq.apache.org/
+    - https://activemq.apache.org/components/classic/documentation/rest
   classification:
     cwe-id: CWE-200
     cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
@@ -17,17 +18,28 @@ info:
     shodan-query:
       - cpe:"cpe:2.3:a:apache:activemq"
       - product:"activemq openwire transport"
-  tags: panel,activemq,apache
+      - http.title:"Apache ActiveMQ"
+  tags: panel,activemq,apache,login
 
 http:
   - method: GET
     path:
-      - '{{BaseURL}}'
+      - "{{BaseURL}}/admin/"
+      - "{{BaseURL}}/demo/"
+      - "{{BaseURL}}"
 
+    stop-at-first-match: true
     matchers:
-      - type: word
+      - type: dsl
-        words:
+        dsl:
-          - '<h2>Welcome to the Apache ActiveMQ!</h2>'
+          - 'status_code == 200'
-          - '<title>Apache ActiveMQ</title>'
+          - 'contains_any(to_lower(body), "<title>apache activemq</title>", "<h2>welcome to the apache activemq!</h2>", "manage activemq broker", "activemq console")'
         condition: and
-# digest: 490a0046304402200680997e4c289c87060383d51f4bb6961f032074940d7a88d3138c2409d5d33d022034ae36716fa244b3aeac8f14f6396f8559ca6197384d895d23af31b722998851:922c64590222798bb761d5b6d8e72950
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '(?i)Copyright\s+([0-9\-]+)'
+          - '(?i)<td>Version<\/td>[\r\n\s]*<td>[\r\n\s]*<b>([0-9.]+)<\/b>'