24-Mar-2022 21:36 - edited 24-Mar-2022 21:42
I am not a web developer and am confused by AWAF/ASM Server Technology "CGI" and don't know if I am to include it in an ASP. Is there a definitive indicator for such?
Wikipedia states "A common convention is to have a cgi-bin/ directory at the base of the directory .." and "CGI scripts are consistently given the extension .cgi ..." seems clear - so, if my web server has this, then I should include "CGI" Server Technology in ASP?
What about "php-cgi/" - are Attack Signatures for this included in "PHP" Server Technology or do I also need "CGI" in ASP?
You should include both CGI and PHP in your "Server Technologies". PHP can be used as a module or CGI program. Should it, for any unfortunate reason, be used as CGI, then the server can be open to vulnerabilities you should worry about. The usage of PHP does not imply CGI - and vice versa.
Use this link as a reference for a short description of server technologies: https://clouddocs.f5.com/products/waf-declarative-policy/server_technology.html
My issue is that I don't know if "CGI" SHOULD be included. I can attach plenty of "Server Technologies" to an ASP on the off-chance that they may be pertinent, but I want to know if I can identify "CGI" as being used - hence, I highlighted "php-cgi/" path (as one possibility) but am seeking alternative flags or fingerprints for such.
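One way to look for the path conventions mentioned in this thread (`cgi-bin/`, `.cgi`, `php-cgi/`) in your own web server's access log, as an added example that is not part of any post here and not F5 code. It assumes the Apache/nginx "combined" log format; the function names are hypothetical and the sample lines are constructed. These are conventions rather than definitive indicators, so the web server's own configuration remains the authoritative source.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Path conventions named in the thread (conventions, not an exhaustive list).
INDICATORS = {
    "cgi-bin directory": re.compile(r"(^|/)cgi-bin/", re.I),
    ".cgi extension": re.compile(r"\.cgi(/|$)", re.I),
    "php-cgi path": re.compile(r"(^|/)php-cgi(/|$)", re.I),
}

# Request line and status code in the "combined" access-log format (assumed).
LOG_LINE = re.compile(r'"(?:[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')


def cgi_evidence(lines):
    """Count indicator hits, split into served (2xx) and not-served requests.

    Only a 2xx response suggests the server really runs something at a
    CGI-style path; a 404 usually means a scanner was probing for it.
    """
    served, probed = Counter(), Counter()
    for line in lines:
        m = LOG_LINE.search(line)
        if not m:
            continue  # not a request line in the assumed format
        path = urlsplit(m.group("target")).path  # ignore the query string
        bucket = served if m.group("status").startswith("2") else probed
        for name, pattern in INDICATORS.items():
            if pattern.search(path):
                bucket[name] += 1
    return served, probed


def should_enable_cgi(lines):
    """Hypothetical decision helper: true if any CGI-style path was served."""
    served, _ = cgi_evidence(lines)
    return sum(served.values()) > 0


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [24/Mar/2022:21:30:01 +0000] "GET /cgi-bin/status.cgi?x=1 HTTP/1.1" 200 512 "-" "curl/7.79"',
    '192.0.2.11 - - [24/Mar/2022:21:30:05 +0000] "GET /php-cgi/ HTTP/1.1" 404 196 "-" "scanner"',
    '192.0.2.12 - - [24/Mar/2022:21:30:09 +0000] "GET /index.php?page=cgi-bin/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '192.0.2.13 - - [24/Mar/2022:21:30:12 +0000] "POST /app/report.cgi HTTP/1.1" 200 77 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(cgi_evidence(SAMPLE))
```

Hits that appear only in the not-served counter mean something requested the path, not that the server uses CGI.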