nuclei-templates/panels/sophos-fw-version-detect.yaml

27 lines
629 B
YAML

id: sophos-fw-version-detect
info:
name: Sophos Firewall version detection
author: organiccrap
severity: informative
requests:
- method: GET
path:
- "{{BaseURL}}/webconsole/webpages/login.jsp"
- "{{BaseURL}}/userportal/webpages/myaccount/login.jsp"
matchers-condition: and
matchers:
- type: word
words:
- "<title>Sophos</title>"
- type: regex
part: body
regex:
- "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})"
condition: and
extractors:
- type: regex
part: body
regex:
- "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})"