Update headless-open-redirect.yaml

Rearranged %0a, %0d, and %00 payloads to fix the issue when the template is not working. Added a new #/oast.live payload.
patch-1
SomeKirill 2024-03-05 16:37:22 +02:00 committed by GitHub
parent ac49e272ca
commit 1179efaeea
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 4 deletions

View File

@ -21,9 +21,6 @@ headless:
- action: waitload
payloads:
redirect:
- '%0a/oast.live/'
- '%0d/oast.live/'
- '%00/oast.live/'
- '%09/oast.live/'
- '%5C%5Coast.live/%252e%252e%252f'
- '%5Coast.live'
@ -112,10 +109,14 @@ headless:
- 'cgi-bin/redirect.cgi?oast.live'
- 'out?oast.live'
- 'login?to=http://oast.live'
- '#/oast.live'
- '%0a/oast.live/'
- '%0d/oast.live/'
- '%00/oast.live/'
stop-at-first-match: true
matchers:
- type: word
part: body
words:
- "Interactsh Server"
# digest: 4b0a00483046022100a8c70dc73a12a3a282a012774a3a10a99f153d80d4c16a01f2bb4bd9770903dc022100f491074035d26885797db4152bad2ecd436ebf4d1f7fa479d402303ceac17db0:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100a8c70dc73a12a3a282a012774a3a10a99f153d80d4c16a01f2bb4bd9770903dc022100f491074035d26885797db4152bad2ecd436ebf4d1f7fa479d402303ceac17db0:922c64590222798bb761d5b6d8e72950