2024-04-08 06:45:08 +00:00
|
|
|
id: generic-rfi
|
2024-03-16 18:44:49 +00:00
|
|
|
|
|
|
|
|
info:
|
2024-04-08 06:45:08 +00:00
|
|
|
name: Generic Remote File Inclusion
|
2024-03-16 18:44:49 +00:00
|
|
|
author: m4lwhere
|
|
|
|
|
severity: high
|
|
|
|
|
reference:
|
|
|
|
|
- https://www.invicti.com/learn/remote-file-inclusion-rfi/
|
2024-06-07 10:04:29 +00:00
|
|
|
metadata:
|
|
|
|
|
max-request: 1
|
2024-03-23 09:32:51 +00:00
|
|
|
tags: rfi,dast,oast
|
2024-03-16 18:44:49 +00:00
|
|
|
|
|
|
|
|
http:
|
2024-03-31 19:55:42 +00:00
|
|
|
- pre-condition:
|
2024-03-26 07:21:56 +00:00
|
|
|
- type: dsl
|
|
|
|
|
dsl:
|
|
|
|
|
- 'method == "GET"'
|
2024-03-16 18:44:49 +00:00
|
|
|
|
|
|
|
|
payloads:
|
|
|
|
|
rfi:
|
|
|
|
|
- "https://rfi.nessus.org/rfi.txt"
|
|
|
|
|
|
|
|
|
|
fuzzing:
|
|
|
|
|
- part: query
|
|
|
|
|
mode: single
|
|
|
|
|
fuzz:
|
|
|
|
|
- "{{rfi}}"
|
|
|
|
|
|
|
|
|
|
stop-at-first-match: true
|
|
|
|
|
matchers:
|
|
|
|
|
- type: word
|
|
|
|
|
part: body # Confirms the PHP was executed
|
|
|
|
|
words:
|
|
|
|
|
- "NessusCodeExecTest"
|
2024-06-08 16:02:17 +00:00
|
|
|
# digest: 490a00463044022029d2873c4bd52bc2237f5807f6053de597738e331d83ff8661e78b54b9f8eabc02200aef90a617b1a1997f782d347cdea43e3cba3e453b60aa77148a0632bade8d7c:922c64590222798bb761d5b6d8e72950
|
