re-write template

Added additional req, matchers and info

http/cves/2022/CVE-2022-23102.yaml

@@ -1,7 +1,7 @@
 id: CVE-2022-23102
 info:
   name: SINEMA Remote Connect Server < V2.0 - Open Redirect
-  author: ctflearner
+  author: ctflearner,ritikchaddha
   severity: medium
   description: |
    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks.
@@ -22,12 +22,31 @@ info:
   tags: cve,cve2022,redirect,sinema
 
 http:
-  - method: GET
+  - raw:
-    path:
+      - |
-      - "{{BaseURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh"
+        GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: csrftoken={{csrf}};
+        Referer: {{BaseURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh
+
+        csrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}
 
     matchers:
       - type: regex
-        part: header
+        part: header_2
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
+
+    extractors:
+      - type: regex
+        name: csrf
+        part: body
+        group: 1
+        regex:
+          - "name='csrfmiddlewaretoken' value='(.*)' />"
+        internal: true