Internals

Jump to bottom

Piyush Raj edited this page May 8, 2021 · 2 revisions

Reconnaissance — Jira version detection

If unauthenticated, one can access Confluence's landing page and retrieve version information from these places:

Login page footer.

Response Head AJS Tags.

Response Body What's New Link.

Response Body Confluence Help Link.

Reconnaissance — AWS platform detection

Jiraffe uses gethostbyaddr() to get the host name corresponding to target's IP address and then utilizes pattern searching to detect AWS.

Toggle table of contents Pages 3

Clone this wiki locally