daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated matchers

patch-1
Ritik Chaddha 2023-01-19 15:17:55 +05:30 committed by GitHub
parent 043416439c
commit cd5d6f8588
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
miscellaneous/exposed-file-upload-form.yaml
View File

@ -6,7 +6,7 @@ info:
severity: low
metadata:
verified: true
shodan-query: http.html:"multipart/form-data"
shodan-query: http.html:"multipart/form-data" html:"file"
tags: exposure,upload,form
requests:
@ -19,12 +19,12 @@ requests:
- type: regex
regex:
- <form.*?method=("|')?post("|')?.*?>
- <form.*?(?i)(?-i)enctype=("|')?multipart/form-data("|')?.*?>
- <form.*?(?i)(?-i)enctype=("|')?multipart\/form-data("|')?.*?>
- <input.*?type=("|')?file("|')?.*?>
condition: or
- type: word
words:
- 'type="file"'
- type: regex
regex:
- "type=[\"'](file)[\"']"
- 'id="file"'
condition: or