squid-analysis-report-generator: Squid Analysis Report Generator

Date: 2025-08-01 | Affected software: Squid Analysis Report Generator | PoC: Public

Vulnerability description

SARG is an open source tool that analyses Squid log files and generates beautiful reports in HTML format with information about users, IP addresses, top accessed sites, total bandwidth usage, elapsed time, downloads, access denied websites, daily reports, weekly reports and monthly reports.

PoC code [public]

id: squid-analysis-report-generator

info:
  name: Squid Analysis Report Generator
  author: geeknik
  severity: high
  description: SARG is an open source tool that allows you to analyse the squid log files and generates beautiful reports in HTML format with information about users, IP addresses, top accessed sites, total bandwidth usage, elapsed time, downloads, access denied websites, daily reports, weekly reports and monthly reports.
  reference:
    - https://sourceforge.net/projects/sarg/
  metadata:
    max-request: 1
  tags: sarg,exposure,logs,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Squid User Access Report"
          - "Squid User's Access Report"
        condition: or

      - type: word
        part: body
        words:
          - "<td>Daily reports"
          - "FILE/PERIOD"
        condition: or

    extractors:
      - type: regex
        part: body
        regex:
          # Dots escaped and digits repeated so multi-digit version components are captured whole
          - 'sarg-[0-9]+\.[0-9]+\.[0-9]+'
# digest: 4b0a00483046022100d192a1425676ab5c06d774ddb95882fe22f2d0aa28afb5cb80ec908996d730d902210083c161f8d7ef5f386432454b3c84f3399d5bcb9fbe6f14d411a3a483b03ecfa1:922c64590222798bb761d5b6d8e72950