matcher update

2021-04-05 22:36:51 +05:30 · 2021-04-05 22:36:51 +05:30 · ab1a3a2e4d
parent 0622a53cfc
commit ab1a3a2e4d
1 changed files with 9 additions and 6 deletions
--- a/misconfiguration/aem/aem-hash-querybuilder.yaml
+++ b/misconfiguration/aem/aem-hash-querybuilder.yaml
@ -2,14 +2,11 @@ id: aem-hash-querybuilder

 info:
  author: DhiyaneshDk
-  name: Fetch password hash via QueryBuilder Servlet
+  name: Query hashed password via QueryBuilder Servlet
  severity: medium
-  reference: https://twitter.com/AEMSecurity/status/1372392101829349376?s=20
+  reference: https://twitter.com/AEMSecurity/status/1372392101829349376
  tags: aem

-#if you are able to get only jcr:uuid - low severity
-#if you are able to get rep:password - medium , high severity
-
 requests:
  - raw:
      - |
@ -22,11 +19,17 @@ requests:
        Connection: close
        Upgrade-Insecure-Requests: 1
        Cache-Control: max-age=0
+
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
+
      - type: word
        words:
-          - jcr:uuid
+          - '"success":true'
+
+      - type: word
+        words:
+          - 'rep:password'