[FALSE-POSITIVE] http/technologies/matrix-homeserver-detect.yaml

[k3mlol]

Template IDs or paths

- http/technologies/matrix-homeserver-detect.yaml

Environment

- OS: 
- Nuclei: 
- Go:

Steps To Reproduce

[redacted URL]
because the response is json, we can add detect Content-Type: application/json to match more accurate.

the updated template can be

id: matrix-homeserver-detect

info:
  name: Matrix Homeserver - Version Detection
  author: davidegirardi
  severity: info
  description: |
    Extract the Matrix homeserver name and version
  classification:
    cpe: cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: matrix
    product: synapse
    shodan-query: title:"Synapse is running"
  tags: tech,matrix,synapse

http:
  - method: GET
    path:
      - "{{BaseURL}}/_matrix/federation/v1/version"

    redirects: true
    max-redirects: 2
    matchers:
      - type: word
        part: body
        words:
          - '"server":'
          - '"name":'
          - '"version":'
        condition: and

      - type: word
        part: header
        words:
          - "Content-Type: application/json"

    extractors:
      - type: json
        part: body
        json:
          - '.server | select((.name != null) and (.version != null)) | .name, .version'

Relevant dumped responses

Anything else?

No response

[DhiyaneshGeek]

Hi @k3mlol

i have fixed the false positive and updated the template by adding content_type - application/json

Raised PR for the same #12236