Detects Fortra FileCatalyst web interfaces that allow anonymous or guest access. FileCatalyst is a managed file transfer solution, and anonymous access to its portal can expose sensitive files and configuration if not properly secured. This template checks for publicly accessible instances with guest or unauthenticated user functionality.
PoC code [publicly available]
id: fortra-filecatalyst-anonymous-access
info:
  name: Fortra FileCatalyst - Anonymous Access
  author: ritikchaddha
  severity: low
  description: |
    Detects Fortra FileCatalyst web interfaces that allow anonymous or guest access. FileCatalyst is a managed file transfer solution, and anonymous access to its portal can expose sensitive files and configuration if not properly secured. This template checks for publicly accessible instances with guest or unauthenticated user functionality.
  reference:
    - https://www.fortra.com/products/filecatalyst
    - https://www.fortra.com/products/filecatalyst/resources/security-best-practices
  metadata:
    verified: true
    max-request: 1
    vendor: fortra
    product: filecatalyst
    shodan-query: title:"FileCatalyst"
    fofa-query: title="FileCatalyst"
  tags: filecatalyst,fortra,anonymous,exposure,misconfig
http:
  - method: GET
    path:
      - "{{BaseURL}}/workflow/jsp/downloadFiles.jsp"
    redirects: true
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '</i>Guest'
          - 'Logout</a>'
          - 'FileCatalyst'
        condition: and
      - type: status
        status:
          - 200
# digest: 4a0a00473045022100c53a2cce7a8aa9186d459f07c1d26fa8562b08fde9da627a2c3185c504b0bcb502202f37a18342b0d722f977484aa573913617beafed820a8c0b66628a13ddfb7bd4:922c64590222798bb761d5b6d8e72950