nuclei-templates/exposures/logs/fastcgi-echo.yaml

37 lines
1005 B
YAML

id: fastcgi-echo
info:
name: Fastcgi Echo Endpoint Exposure
author: powerexploit
severity: info
description: |
FastCGI module delivered with the Apache httpd server that is incorporated into the Oracle Application Server.FastCGI echo programs (echo and echo2) should be always removed or disabled in all Oracle Application Servers implementations as they can provide information at an attacker
reference:
- https://www.exploit-db.com/ghdb/183
- https://www.integrigy.com/oracle-application-server-fastcgi-echo-vulnerability-reports
metadata:
verified: true
google-dork: inurl:fcgi-bin/echo
tags: exposure,logs,oracle,fastcgi
requests:
- method: GET
path:
- "{{BaseURL}}/fcgi-bin/echo"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<title>FastCGI echo</title>"
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200