Update shiro-deserialization-detection.yaml
parent
9b929ca85c
commit
425565567a
|
@ -2,7 +2,7 @@ id: shiro-deserialization-detection
|
|||
|
||||
info:
|
||||
name: Shiro <= 1.2.4 Deserialization Detection
|
||||
author: hotpot
|
||||
author: hotpot,j4vaovo
|
||||
severity: unknown
|
||||
description: |
|
||||
This template is designed to detect the Shiro framework's default key vulnerabilities. It leverages 51 built-in Shiro keys to probe for potential vulnerabilities.
|
||||
|
@ -29,9 +29,15 @@ http:
|
|||
|
||||
req-condition: true
|
||||
stop-at-first-match: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- 'contains(header_1, "Set-Cookie") && (contains(header_1, "rememberMe=") || contains(header_1, "=deleteMe"))'
|
||||
- '!contains(header_2, "rememberMe=") && !contains(header_2, "=deleteMe")'
|
||||
condition: and
|
||||
|
||||
- type: dsl # WAF Block Page
|
||||
dsl:
|
||||
- '!contains(body_2, "<p>当前访问疑似黑客攻击,已被网站管理员设置拦截并记录</p>")'
|
||||
condition: and
|
||||
|
|
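Review bot: The `- type: dsl # WAF Block Page` matcher excludes only one literal block-page string in `body_2`. Any other WAF or reverse proxy that intercepts the second request and answers without a `rememberMe=deleteMe` cookie will still satisfy the first matcher and be reported as a default-key hit. Consider adding a vendor-independent guard as well, for example `- 'status_code_2 == status_code_1'`, though whether the two responses always share a status on real Shiro targets needs confirming. The `condition: and` under a single-element `dsl` list has no effect and can be dropped. The inline comment would be clearer as `# negative matcher: ignore responses that are a WAF block page (false-positive guard)`.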