id: fastcgi-echo

info:
  name: FastCGI Echo Endpoint Script - Detect
  author: powerexploit
  severity: info
  description: |
    FastCGI echo endpoint script was detected, which lists several kinds of sensitive information such as port numbers, server software versions, and IP addresses.
  remediation: Remove or disable the FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server, including its FastCGI echo programs (echo and echo2).
  reference:
    - https://www.exploit-db.com/ghdb/183
    - https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
  metadata:
    max-request: 1
    verified: true
    google-query: inurl:fcgi-bin/echo
  tags: exposure,logs,oracle,fastcgi,edb

http:
  - method: GET
    path:
      - "{{BaseURL}}/fcgi-bin/echo"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "