nuclei-templates/http/technologies/jsf-detect.yaml

42 lines
1.1 KiB
YAML

id: jsf-detect
info:
name: JavaServer Faces Detection
author: brenocss,Moritz Nentwig
severity: info
description: Searches for JavaServer Faces content on a URL.
metadata:
max-request: 1
tags: jsf,tech,primefaces,richfaces
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 3
matchers-condition: or
matchers:
- type: dsl
name: javafaces
dsl:
- "(contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState'))"
- type: dsl
name: primefaces
dsl:
- "contains(body, 'primefaces')"
- "contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState')"
condition: and
- type: dsl
name: richfaces
dsl:
- "contains(body, 'richfaces')"
- "contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState')"
condition: and
# digest: 4b0a00483046022100c6c79025ccefbeb0f29e2930e1c0a9749cf789bfbb4005be7a5bb75918c3b04d022100d78229cfd91929b427b693c2268af9f8057266d8aa94f5821e40f910d3ee9a17:922c64590222798bb761d5b6d8e72950