Merge pull request #9679 from johnk3r/main

Create boa-webserver.yaml
2024-05-15 13:40:39 +05:30 · 2024-05-15 13:40:39 +05:30 · ecceab6f36
parent f89e250ba8 ce59c1b9b8
commit ecceab6f36
1 changed files with 37 additions and 0 deletions
--- a/http/technologies/boa-web-server.yaml
+++ b/http/technologies/boa-web-server.yaml
@ -0,0 +1,37 @@
+id: boa-web-server
+
+info:
+  name: Boa Web Server - Detect
+  author: johnk3r
+  severity: info
+  description: |
+    Boa is a single-tasking HTTP server. That means that unlike traditional web servers, it does not fork for each incoming connection, nor does it fork many copies of itself to handle multiple connections.
+  reference:
+    - https://www.microsoft.com/en-us/security/blog/2022/11/22/vulnerable-sdk-components-lead-to-supply-chain-risks-in-iot-and-ot-environments/
+    - http://www.boa.org/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cwe-id: CWE-200
+  metadata:
+    shodan-query: "Server: Boa/"
+    verified: true
+    max-request: 1
+  tags: boa,tech
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - "Server: Boa/"
+
+    extractors:
+      - type: kval
+        part: header
+        kval:
+          - Server