daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SSRF FP Fix (#4670) 

* Update CVE-2021-27748.yaml

* Update CVE-2021-22873.yaml

* Update interactsh-server.yaml

* misc fixes

* Update CVE-2021-27748.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
patch-1
Prince Chaddha 2022-06-28 04:45:56 +05:30 committed by GitHub
parent c6b69722bc
commit ba8ae02d24
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 27 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2021/CVE-2021-22054.yaml
View File

@ -31,4 +31,4 @@ requests:
- type: word - type: word
words: words:
- "<h1> Interactsh Server </h1>" - "Interactsh Server"

17
cves/2021/CVE-2021-22873.yaml
View File

@ -15,7 +15,10 @@ info:
cvss-score: 6.1 cvss-score: 6.1
cve-id: CVE-2021-22873 cve-id: CVE-2021-22873
cwe-id: CWE-601 cwe-id: CWE-601
tags: cve,cve2021,redirect metadata:
verified: true
shodan-query: http.favicon.hash:106844876
tags: cve,cve2021,redirect,revive
requests: requests:
- method: GET - method: GET
@ -30,12 +33,8 @@ requests:
stop-at-first-match: true stop-at-first-match: true
redirects: true redirects: true
max-redirects: 2 max-redirects: 2
matchers-condition: and
matchers: matchers:
- type: status - type: regex
status: part: header
- 200 regex:
- type: word - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
words:
- "<h1> Interactsh Server </h1>"
part: body

13
cves/2021/CVE-2021-27748.yaml
View File

@ -11,6 +11,9 @@ info:
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665 - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
classification: classification:
cve-id: CVE-2021-27748 cve-id: CVE-2021-27748
metadata:
verified: true
shodan-query: http.html:"IBM WebSphere Portal"
tags: cve,cve2021,hcl,ibm,ssrf,websphere tags: cve,cve2021,hcl,ibm,ssrf,websphere
requests: requests:
@ -24,10 +27,10 @@ requests:
stop-at-first-match: true stop-at-first-match: true
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: status
status:
- 200
- type: word - type: word
words: words:
- "<h1> Interactsh Server </h1>" - "Interactsh Server"
- type: status
status:
- 200

12
technologies/interactsh-server.yaml
View File

@ -4,6 +4,9 @@ info:
name: Interactsh Server name: Interactsh Server
author: pdteam author: pdteam
severity: info severity: info
metadata:
verified: true
shodan-query: http.html:"Interactsh Server"
tags: tech,interactsh tags: tech,interactsh
requests: requests:
@ -11,14 +14,19 @@ requests:
path: path:
- "{{BaseURL}}" - "{{BaseURL}}"
matchers-condition: and
matchers: matchers:
- type: word - type: word
words: words:
- "<h1> Interactsh Server </h1>" - "Interactsh Server"
- type: status
status:
- 200
extractors: extractors:
- type: regex - type: regex
group: 1 group: 1
regex: regex:
- '<b>(.*)<\/b> server' - '<b>(.*)<\/b> server'
- 'from <b>(.*)<\/b>' - 'from <b>(.*)<\/b>'