daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve CVE-2017-12149 template

patch-1
Soubiran, Thibault 2023-02-07 16:23:02 +01:00
parent f7a08283ab
commit aa5cee5635
No known key found for this signature in database
GPG Key ID: BC214437BF65508D
1 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
cves/2017/CVE-2017-12149.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2017-12149
info:
name: Jboss Application Server - Remote Code Execution
author: fopina
author: fopina,s0obi
severity: critical
description: Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2 is susceptible to a remote code execution vulnerability because the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization, thus allowing an attacker to execute arbitrary code via crafted serialized data.
reference:
@ -33,16 +33,22 @@ requests:
{{ base64_decode("rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==") }}
- |
POST /invoker/readonly HTTP/1.1
Host: {{Hostname}}
Content-Type: application/octet-stream
{{ base64_decode("rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==") }}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "ClassCastException"
- type: word
part: header
words:
- "application/x-java-serialized-object"
- type: status
status:
- 200
- 500
# Enhanced by mp on 2022/05/11