thinkphp-detect: ThinkPHP detect

漏洞描述

PoC代码[已公开]

id: thinkphp-detect

info:
  name: ThinkPHP detect
  author: zan8in
  severity: info
  verified: true
  description: |-
    fofa app="ThinkPHP"
  tags: thinkphp,detect
  created: 2023/07/01

rules:
  r0:
    request:
      method: GET
      path: /index.php?m=1
    expression: '"ThinkPHP</a><sup>([0-9]+.[0-9]+.[0-9]+)</sup>".bmatches(response.body)'
expression: r0()

相关漏洞推荐

• thinkphp-30-rce: Thinkphp 3.0 RCE
• thinkphp-5.0.23-rce: Thinkphp debug 执行任意命令
• thinkphp-50-rce: Thinkphp 5.0 RCE
• thinkphp-v6-file-write: thinkphp-v6-file-write
• ThinkPHP /index.php 信息泄露漏洞（CVE-2022-25481）
• POC CVE-2018-20062: ThinkPHP 5.0.23 - Remote Code Execution
• POC CVE-2022-25481: ThinkPHP 5.0.24 - Information Disclosure
• POC CVE-2022-47945: Thinkphp Lang - Local File Inclusion
• POC CNVD-2024-39045: Thinkphp3 文件包含漏洞
• POC CVE-2022-33107: ThinkPHP 6.0.12 反序列化 RCE
• POC CVE-2022-47945: Thinkphp Lang - Local File Inclusion
• POC thinkphp-errors: ThinkPHP Errors - Sensitive Information Exposure
• POC thinkphp-2-rce: ThinkPHP 2 3 's' Parameter RCE