improved matcher and tags update

2021-02-22 12:31:32 +05:30 · 2021-02-22 12:31:32 +05:30 · b6091f9090
parent e532df3450
commit b6091f9090
11 changed files with 16 additions and 14 deletions
--- a/cves/2007/CVE-2007-4556.yaml
+++ b/cves/2007/CVE-2007-4556.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://www.guildhab.top/?p=2326
-  tags: cve,cve2007,apache,rce
+  tags: cve,cve2007,apache,rce,struts

 requests:
  - method: POST
--- a/cves/2012/CVE-2012-0392.yaml
+++ b/cves/2012/CVE-2012-0392.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://blog.csdn.net/weixin_43416469/article/details/113850545
-  tags: cve, cve2012,apache,rce
+  tags: cve, cve2012,apache,rce,struts

 requests:
  - method: GET
--- a/cves/2012/CVE-2012-0838.yaml
+++ b/cves/2012/CVE-2012-0838.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://blog.csdn.net/weixin_43416469/article/details/113849942
-  tags: cve,cve2012,apache,rce
+  tags: cve,cve2012,apache,struts,rce

 requests:
  - method: POST
@ -21,7 +21,9 @@ requests:

      - type: regex
        regex:
-          - "uid=*"
+          - "uid(.*)"
+          - "gid(.*)"
+        part: body
        condition: and

      - type: status
--- a/cves/2013/CVE-2013-1966.yaml
+++ b/cves/2013/CVE-2013-1966.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://blog.csdn.net/weixin_43416469/article/details/113636581?utm_medium=distribute.pc_relevant_t0.none-task-blog-OPENSEARCH-1.control&dist_request_id=979f56d5-0937-4e8d-8e1e-79f3a5d24e14&depth_1-utm_source=distribute.pc_relevant_t0.none-task-blog-OPENSEARCH-1.control
-  tags: cve,cve2013,apache,rce
+  tags: cve,cve2013,apache,rce,struts

 requests:
  - method: GET
--- a/cves/2013/CVE-2013-2134.yaml
+++ b/cves/2013/CVE-2013-2134.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://blog.csdn.net/weixin_43416469/article/details/113852197?utm_medium=distribute.pc_relevant.none-task-blog-OPENSEARCH-11.control&dist_request_id=979f56d5-0937-4e8d-8e1e-79f3a5d24e14&depth_1-utm_source=distribute.pc_relevant.none-task-blog-OPENSEARCH-11.control
-  tags: cve,cve2013,apache,rce
+  tags: cve,cve2013,apache,rce,struts

 requests:
  - method: GET
--- a/cves/2013/CVE-2013-2251.yaml
+++ b/cves/2013/CVE-2013-2251.yaml
@ -5,7 +5,7 @@ info:
  author: exploitation & @dwisiswant0
  severity: critical
  description: In Struts 2 before 2.3.15.1 the information following "action:", "redirect:" or "redirectAction:" is not properly sanitized. Since said information will be evaluated as OGNL expression against the value stack, this introduces the possibility to inject server side code.
-  tags: cve,cve2013,rce
+  tags: cve,cve2013,rce,struts,apache

 requests:
  - payloads:
--- a/cves/2017/CVE-2017-12611.yaml
+++ b/cves/2017/CVE-2017-12611.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12611
-  tags: cve, cve2017,apache,rce
+  tags: cve,cve2017,apache,rce,struts

 requests:
  - method: POST
--- a/cves/2017/CVE-2017-5638.yaml
+++ b/cves/2017/CVE-2017-5638.yaml
@ -1,10 +1,10 @@
 id: CVE-2017-5638
 info:
-  author: "Random Robbie"
-  name: "Struts2 RCE "
+  author: Random Robbie
+  name: Struts2 RCE
  severity: critical
  description: Struts is vulnerable to remote command injection attacks through incorrectly parsing an attacker’s invalid Content-Type HTTP header. The Struts vulnerability allows these commands to be executed under the privileges of the Web server.
-  tags: cve,cve2017,struts,rce
+  tags: cve,cve2017,struts,rce,apache

 # This template supports the detection part only.
 # Do not test any website without permission
--- a/cves/2017/CVE-2017-9805.yaml
+++ b/cves/2017/CVE-2017-9805.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://nvd.nist.gov/vuln/detail/CVE-2017-9805
-  tags: cve,cve2017,apache,rce
+  tags: cve,cve2017,apache,rce,struts

 requests:
  - method: POST
--- a/cves/2020/CVE-2020-17530.yaml
+++ b/cves/2020/CVE-2020-17530.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: http://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
-  tags: cve,cve2020,apache,rce
+  tags: cve,cve2020,apache,rce,struts

  # Forced OGNL evaluation, when evaluated on raw user input in tag attributes,
  # may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
--- a/exposures/logs/struts-debug-mode.yaml
+++ b/exposures/logs/struts-debug-mode.yaml
@ -4,7 +4,7 @@ info:
  name: Apache Struts setup in Debug-Mode
  author: pd-team
  severity: low
-  tags: logs,struts
+  tags: logs,struts,apache

 requests:
  - method: GET