nuclei-templates/technologies/jsf-detection.yaml

37 lines
948 B
YAML

id: jsf-detection
info:
name: JavaServer Faces Detection
author: brenocss,Moritz Nentwig
severity: info
description: Searches for JavaServer Faces content on a URL.
tags: jsf,tech,primefaces,richfaces
requests:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 3
matchers-condition: or
matchers:
- type: dsl
name: javafaces
dsl:
- "(contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState'))"
- type: dsl
name: primefaces
dsl:
- "contains(body, 'primefaces')"
- "contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState')"
condition: and
- type: dsl
name: richfaces
dsl:
- "contains(body, 'richfaces')"
- "contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState')"
condition: and