1018160055.yaml

id: http
info:
  name: WebFinger httpd
  author: nmap,cn-kali-team
  tags: detect,tech,http,service
  severity: info
  metadata:
    rarity: 1
tcp:
- name: get-request
  inputs:
  - data: GET / HTTP/1.0\r\n\r\n
  host:
  - '{{Hostname}}'
  port: 1,70,79,88,113,139,143,280,497,505,514,515,540,554,591,620,631,783,888,898,900,901,1026,1080,1042,1214,1220,1234,1314,1344,1503,1610,1611,1830,1900,2001,2002,2030,2064,2160,2306,2396,2525,2715,2869,3000,3002,3052,3128,3280,3372,3531,3689,3872,4000,4444,4567,4660,4711,5000,5427,5060,5222,5269,5280,5432,5900,5985,6103,6346,6544,6600,6699,6969,7002,7007,7070,7100,7402,7776,8088,8118,8181,8530,9000,9001,9030,9050,9080,9090,9999,10000,10001,10005,11371,13013,13666,13722,14534,15000,17988,18264,31337,40193,50000,55555,80-85,5800-5803,8000-8010,8080-8085,8880-8888
  extractors:
  - name: http
    type: regex
    regex:
    - ^HTTP/1\.1 400 Bad request\r\n\r\n$