From 68029a5284f4b1a34c797f6261c44600f5e3e22b Mon Sep 17 00:00:00 2001 From: Jarcis-cy Date: Wed, 3 Jul 2024 16:03:22 +0800 Subject: [PATCH] =?UTF-8?q?[update]=20=E6=95=B4=E7=90=86=E9=83=A8=E5=88=86?= =?UTF-8?q?=E6=8C=87=E7=BA=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- finger/ehole/NETGEAR-DGND3700.yml | 44 ------------------- finger/{ehole => manual/web}/CLTPHP.yml | 3 +- finger/{ehole => manual/web}/EleanorCMS.yml | 3 +- finger/manual/web/NETGEAR-DGND3700.yml | 31 +++++++++++++ finger/{ehole => manual/web}/UCMS.yml | 1 + .../web}/Vivotek (Camera).yml | 1 + 6 files changed, 37 insertions(+), 46 deletions(-) delete mode 100644 finger/ehole/NETGEAR-DGND3700.yml rename finger/{ehole => manual/web}/CLTPHP.yml (92%) rename finger/{ehole => manual/web}/EleanorCMS.yml (89%) create mode 100644 finger/manual/web/NETGEAR-DGND3700.yml rename finger/{ehole => manual/web}/UCMS.yml (92%) rename finger/{ehole => manual/web}/Vivotek (Camera).yml (94%) diff --git a/finger/ehole/NETGEAR-DGND3700.yml b/finger/ehole/NETGEAR-DGND3700.yml deleted file mode 100644 index be88a71..0000000 --- a/finger/ehole/NETGEAR-DGND3700.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: fingerprint-yaml-NETGEAR-DGND3700 -manual: false -detail: - fingerprint: - name: NETGEAR-DGND3700 - fofa: body="var host_name=\"dgnd3700\"" && body="content=\"dgnd3700" || header="netgear dgnd3700" || header="NETGEAR DGND3700" || body="content=\"dgnd3700" || body="var host_name=\"dgnd3700\"" -transport: http -rules: - r0: - request: - cache: true - method: GET - path: / - follow_redirects: true - expression: response.body_string.contains('var host_name="dgnd3700"') && response.body_string.contains('content="dgnd3700') - r1: - request: - cache: true - method: GET - path: / - follow_redirects: true - expression: response.raw_header.bcontains(bytes("netgear dgnd3700")) - r2: - request: - cache: true - method: GET - path: / - follow_redirects: true - expression: response.raw_header.bcontains(bytes("NETGEAR DGND3700")) - r3: - request: - cache: true - method: GET - path: / - follow_redirects: true - expression: response.body_string.contains('content="dgnd3700') - r4: - request: - cache: true - method: GET - path: / - follow_redirects: true - expression: response.body_string.contains('var host_name="dgnd3700"') -expression: r0() || r1() || r2() || r3() || r4() diff --git a/finger/ehole/CLTPHP.yml b/finger/manual/web/CLTPHP.yml similarity index 92% rename from finger/ehole/CLTPHP.yml rename to finger/manual/web/CLTPHP.yml index b53e21d..c8a214e 100644 --- a/finger/ehole/CLTPHP.yml +++ b/finger/manual/web/CLTPHP.yml @@ -3,7 +3,8 @@ manual: false detail: fingerprint: name: CLTPHP - fofa: header="CLTPHP" || body="CLTPHP" || title="CLTPHP" + fofa: product="CLTPHP" + cpe: cltphp:cltphp transport: http rules: r0: diff --git a/finger/ehole/EleanorCMS.yml b/finger/manual/web/EleanorCMS.yml similarity index 89% rename from finger/ehole/EleanorCMS.yml rename to finger/manual/web/EleanorCMS.yml index 9dd83fa..198033b 100644 --- a/finger/ehole/EleanorCMS.yml +++ b/finger/manual/web/EleanorCMS.yml @@ -3,7 +3,8 @@ manual: false detail: fingerprint: name: EleanorCMS - fofa: header="Eleanor CMS" || title="Eleanor CMS" + fofa: product="EleanorCMS" + cpe: eleanor-cms:eleanor_cms transport: http rules: r0: diff --git a/finger/manual/web/NETGEAR-DGND3700.yml b/finger/manual/web/NETGEAR-DGND3700.yml new file mode 100644 index 0000000..9c73eab --- /dev/null +++ b/finger/manual/web/NETGEAR-DGND3700.yml @@ -0,0 +1,31 @@ +name: fingerprint-yaml-NETGEAR-DGND3700 +manual: false +detail: + fingerprint: + name: NETGEAR-DGND3700 + cpe: netgear:dgnd3700b_firmware + fofa: product="NETGEAR-DGND3700" +transport: http +rules: + r0: + request: + cache: true + method: GET + path: / + follow_redirects: true + expression: response.raw_header.ibcontains(bytes("netgear dgnd3700")) + r1: + request: + cache: true + method: GET + path: / + follow_redirects: true + expression: response.body_string.contains('content="dgnd3700') + r2: + request: + cache: true + method: GET + path: / + follow_redirects: true + expression: response.body_string.contains('var host_name="dgnd3700"') +expression: r0() || r1() || r2() diff --git a/finger/ehole/UCMS.yml b/finger/manual/web/UCMS.yml similarity index 92% rename from finger/ehole/UCMS.yml rename to finger/manual/web/UCMS.yml index e35c8fc..c7e4bd3 100644 --- a/finger/ehole/UCMS.yml +++ b/finger/manual/web/UCMS.yml @@ -4,6 +4,7 @@ detail: fingerprint: name: UCMS fofa: title="UCMS" + cpe: ucms_project:ucms transport: http rules: r0: diff --git a/finger/ehole/Vivotek (Camera).yml b/finger/manual/web/Vivotek (Camera).yml similarity index 94% rename from finger/ehole/Vivotek (Camera).yml rename to finger/manual/web/Vivotek (Camera).yml index de7b8f7..28c721a 100644 --- a/finger/ehole/Vivotek (Camera).yml +++ b/finger/manual/web/Vivotek (Camera).yml @@ -4,6 +4,7 @@ detail: fingerprint: name: Vivotek (Camera) fofa: icon_hash="-1654229048" + cpe: vivotek:camera transport: http rules: r0: