misc changes

2021-02-15 21:29:12 +05:30 · 2021-02-15 21:29:12 +05:30 · 55b6b33e93
parent 936b5992c7
commit 55b6b33e93
4 changed files with 12 additions and 4 deletions
--- a/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml
+++ b/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
+  tags: xss,samsung,lfi

 requests:
  - method: GET
--- a/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml
+++ b/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
+  tags: xss,samsung,rce

 requests:
  - method: POST
--- a/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml
+++ b/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: medium
  reference: https://iryl.info/2020/11/27/exploiting-samsung-router-wlan-ap-wea453e/
-
+  tags: xss,samsung,xss
 requests:
  - method: GET
    path:
@ -17,6 +17,12 @@ requests:
        words:
          - "/tmp/www/<script>alert(document.domain)</script>"
        part: body
+
      - type: status
        status:
          - 404
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
--- a/workflows/samsung-wlan-ap-workflow.yaml
+++ b/workflows/samsung-wlan-ap-workflow.yaml
@ -10,6 +10,6 @@ workflows:
  - template: default-logins/samsung/samsung-wlan-ap-default-credentials.yaml

    subtemplates:
-      - template: vulnerabilities/other/samsung-wlan-ap-rce.yaml
-      - template: vulnerabilities/other/samsung-wlan-ap-lfi.yaml
-      - template: vulnerabilities/other/samsung-wlan-ap-xss.yaml
+      - template: vulnerabilities/samsung/samsung-wlan-ap-rce.yaml
+      - template: vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml
+      - template: vulnerabilities/samsung/samsung-wlan-ap-xss.yaml