daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/other/php-zerodium-backdoor-rce.yaml

27 lines
581 B
YAML
Raw Normal View History

Create php-zerodium-backdoor-rce.yaml
2021-06-10 16:31:26 +00:00
id: php-zerodium-backdoor-rce
info:
name: PHP Zerodium Backdoor RCE
author: dhiyaneshDk
Update Severity
2021-09-18 14:07:47 +00:00
severity: critical
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
description: A backdoor has been introduced into PHP, dubbed 'zerodiumvar_dump', the backdoor allowed the execution of arbitrary PHP code.
reference:
- https://news-web.php.net/php.internals/113838
Create php-zerodium-backdoor-rce.yaml
2021-06-10 16:31:26 +00:00
tags: php,backdoor
requests:
- method: GET
path:
- "{{BaseURL}}"
removed extra headers not required for template
2021-09-08 12:17:19 +00:00
Create php-zerodium-backdoor-rce.yaml
2021-06-10 16:31:26 +00:00
headers:
Fixed mistakes/typos Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84
2021-08-19 13:59:55 +00:00
User-Agent: zerodiumvar_dump(233*233);
removed extra headers not required for template
2021-09-08 12:17:19 +00:00
Create php-zerodium-backdoor-rce.yaml
2021-06-10 16:31:26 +00:00
matchers-condition: and
matchers:
- type: word
words:
- "int(54289)"
part: body