nuclei-templates/http/fuzzing/cache-poisoning-fuzz.yaml

37 lines
1.2 KiB
YAML
Raw Permalink Normal View History

2021-12-25 07:56:35 +00:00
id: cache-poisoning-fuzz
info:
name: Cache Poison Fuzzing
2023-02-01 08:53:01 +00:00
author: dwisiswant0,ColbyJack1134
2021-12-25 07:56:35 +00:00
severity: info
reference:
- https://youst.in/posts/cache-poisoning-at-scale/
- https://portswigger.net/web-security/web-cache-poisoning
metadata:
max-request: 5834
tags: fuzz,cache
2021-12-25 07:56:35 +00:00
http:
2021-12-25 07:56:35 +00:00
- raw:
- |
GET /?{{md5(headers)}}=1 HTTP/1.1
2021-12-25 07:56:35 +00:00
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
2023-02-10 08:51:09 +00:00
{{headers}}: {{randstr}}.tld
2021-12-25 07:56:35 +00:00
- |
GET /?{{md5(headers)}}=1 HTTP/1.1
2021-12-25 07:56:35 +00:00
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
2021-12-25 07:56:35 +00:00
attack: clusterbomb
payloads:
2023-10-14 11:27:55 +00:00
headers: helpers/wordlists/headers.txt
2021-12-25 07:56:35 +00:00
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- 'contains(body_1, "{{randstr}}")'
- 'contains(body_2, "{{randstr}}")'
2023-02-01 08:53:01 +00:00
condition: and
# digest: 4a0a00473045022100893d371d193cc0f4111cf8b61a2d092bf7820039aa9a6eecf49529c0d59ac41702201b80bdfb4007c9173b4cff9a55590cf605b0918021c8bbd96b3cc0294ecd5124:922c64590222798bb761d5b6d8e72950