Penetration test - get the system fofa keyword to brush the hole

How to get FOFA Syntax keywords
Sometimes a new loophole , Want to take poc To brush a wave , But I don't know how to use fofa Search for

H3C For example

The vulnerable page is like this , We found that we can't right-click to view the source code （ It's fine too F12）,
So at this time, we can find keywords according to the characteristics existing on some pages .

according to url Search for keywords in ：
For example, the picture above url in /imc/login.jsf,
This path may be the path unique to this product ,
We can directly copy and paste the path in fofa Mid search （ Not particularly accurate ）：

Search according to website keywords ：
fofa It is a website that supports search body Of , This shows that we can search according to some specific keywords on the website ,
For example, in the picture above iMC Guests access the self-service management system and product registration ,
These two keywords may be h3c Unique keywords , And the keyword is in html Of body label ：

According to the relevant background or logo Search for ：
Generally, such a system , some logo The files are stored in a specific path ,
We can find the path of this picture , Then search according to the specific image path ：

Found that these two things are logo, and logo In general, the path of a specific system will not change ,
We can copy this path to fofa To search

Of course , There are many other ways to get some specific information about a system FOFA grammar .
For example, using ico hash etc.