From 5defeeec306291f73168e715f9d3fca84d249003 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sun, 11 Aug 2024 18:47:01 +0200 Subject: [PATCH 1/4] Update activemq-panel.yaml --- http/exposed-panels/activemq-panel.yaml | 28 ++++++++++++++++++------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index 0ee31cbff8b..e6a4fc1601d 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -2,11 +2,12 @@ id: activemq-panel info: name: Apache ActiveMQ Exposure - author: pdteam + author: pdteam,righettod severity: info description: An Apache ActiveMQ implementation was discovered. reference: - https://activemq.apache.org/ + - https://activemq.apache.org/components/classic/documentation/rest classification: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* @@ -17,17 +18,28 @@ info: shodan-query: - cpe:"cpe:2.3:a:apache:activemq" - product:"activemq openwire transport" - tags: panel,activemq,apache + - http.title:"Apache ActiveMQ" + tags: panel,activemq,apache,login http: - method: GET path: - - '{{BaseURL}}' + - "{{BaseURL}}/admin/" + - "{{BaseURL}}/demo/" + - "{{BaseURL}}" + stop-at-first-match: true matchers: - - type: word - words: - - '

Welcome to the Apache ActiveMQ!

' - - 'Apache ActiveMQ' + - type: dsl + dsl: + - 'status_code == 200 || status_code == 401' + - 'contains_any(to_lower(body), "apache activemq", "manage activemq broker", "activemq console")' condition: and -# digest: 490a0046304402200680997e4c289c87060383d51f4bb6961f032074940d7a88d3138c2409d5d33d022034ae36716fa244b3aeac8f14f6396f8559ca6197384d895d23af31b722998851:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + + extractors: + - type: regex + part: body + group: 1 + regex: + - '(?i)Copyright\s+([0-9\-]+)' + - '(?i)Version<\/td>[\r\n\s]+[\r\n\s]+([0-9.]+)<\/b>' From a5ae961f4d1e6ba9a4d394851330cc9d3195af08 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sun, 11 Aug 2024 18:54:08 +0200 Subject: [PATCH 2/4] Tune matcher --- http/exposed-panels/activemq-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index e6a4fc1601d..e3dd44d5544 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -33,7 +33,7 @@ http: - type: dsl dsl: - 'status_code == 200 || status_code == 401' - - 'contains_any(to_lower(body), "apache activemq", "manage activemq broker", "activemq console")' + - 'contains_any(to_lower(body), "apache activemq", "

welcome to the apache activemq!

", "manage activemq broker", "activemq console")' condition: and extractors: From 258c2c378310523ee605a36fecf328e2679bf52f Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sun, 11 Aug 2024 19:01:39 +0200 Subject: [PATCH 3/4] tune RC code --- http/exposed-panels/activemq-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index e3dd44d5544..d960481f46a 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -32,7 +32,7 @@ http: matchers: - type: dsl dsl: - - 'status_code == 200 || status_code == 401' + - 'status_code == 200' - 'contains_any(to_lower(body), "apache activemq", "

welcome to the apache activemq!

", "manage activemq broker", "activemq console")' condition: and From 6b541e29b2d9a9ac403d0dfa14c719459f382aa5 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sun, 11 Aug 2024 19:07:48 +0200 Subject: [PATCH 4/4] Tune regex for version --- http/exposed-panels/activemq-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index d960481f46a..e2cf3d717b1 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -42,4 +42,4 @@ http: group: 1 regex: - '(?i)Copyright\s+([0-9\-]+)' - - '(?i)Version<\/td>[\r\n\s]+[\r\n\s]+([0-9.]+)<\/b>' + - '(?i)Version<\/td>[\r\n\s]*[\r\n\s]*([0-9.]+)<\/b>'