darkstat-detect: Detect Darkstat Reports

日期: 2025-08-01 | 影响软件: darkstat detect | POC: 已公开

漏洞描述

Darkstat captures network traffic, calculates statistics about usage, and serves reports over HTTP

PoC代码[已公开]

id: darkstat-detect

info:
  name: Detect Darkstat Reports
  author: geeknik
  severity: high
  description: Darkstat captures network traffic, calculates statistics about usage, and serves reports over HTTP
  reference:
    - https://unix4lyfe.org/darkstat/
  metadata:
    max-request: 2
  tags: darkstat,logs,exposure,discovery

http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/darkstat/"

    # FYI, the default port for darkstat is 666
    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - "[Ss]erver: darkstat.*"

      - type: word
        part: body
        words:
          - "darkstat"
          - "<title>Graphs"
          - "Measuring for"
          - "hosts</a>"
        condition: and

    extractors:
      - type: kval
        part: header
        kval:
          - server
# digest: 4a0a0047304502203d688097e86c9681abd48be9f13021e547662be81c58f73d9d0e3c953f86b2be022100f81d268bbf0ae2f4006db0ea115f57f14c0b43d08be7ba4121b50c6164b12554:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/exposures/logs/darkstat-detect.yaml