id: fastjson-version info: name: Fastjson Version Detection author: yuansec severity: info description: If the server returns an exception to the client,The fastjson version will be retrieved,Fastjson versions greater than 1.2.41,Contains the latest version(1.2.76). reference: https://blog.csdn.net/caiqiiqi/article/details/107907489 tags: fastjson,tech requests: - raw: - | POST / HTTP/1.1 Host: {{Hostname}} Content-Type: application/json {"@type":"java.lang.AutoCloseable" matchers: - type: word words: - 'fastjson-version' extractors: - type: regex part: body group: 1 regex: - 'fastjson-version.*([0-9]\.[0-9]+\.[0-9]+)'