daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1865 from projectdiscovery/fix-CVE-2012-3153 

Fixed CVE-2012-3153 with strict matchers
patch-1
Sandeep Singh 2021-07-04 01:06:01 +05:30 committed by GitHub
parent db47c1014e 35a8d999cb
commit 7763d9c36a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2012/CVE-2012-3153.yaml
View File

@ -24,9 +24,7 @@ requests:
matchers:
- type: dsl
dsl:
- 'regex("\\\\.*\\\\showenv", body_1)'
- 'regex("/.*/showenv", body_1)'
condition: or
- 'contains(body_1, "Reports Servlet")'
- type: status
status:
@ -41,11 +39,9 @@ requests:
extractors:
- type: regex
name: windows_working_path
part: body_1
regex:
- ".?.?\\\\.*\\\\showenv"
- type: regex
name: linux_working_path
part: body_1
regex:
- "/.*/showenv"