From e60d68673a508a355b3febf0460647185822105d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=88=91=E4=BC=9A=E5=95=8AD=2C=E6=98=8E=E5=B0=8F=E5=AD=90?=
 =?UTF-8?q?=2C=E5=BE=A1=E5=89=91?=
 <104293903+pwnhxl@users.noreply.github.com>
Date: Thu, 10 Oct 2024 15:27:07 +0800
Subject: [PATCH] Update metadata-alibaba.yaml

---
 http/misconfiguration/proxy/metadata-alibaba.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/http/misconfiguration/proxy/metadata-alibaba.yaml b/http/misconfiguration/proxy/metadata-alibaba.yaml
index 7ef6131f72..d151a3b89c 100644
--- a/http/misconfiguration/proxy/metadata-alibaba.yaml
+++ b/http/misconfiguration/proxy/metadata-alibaba.yaml
@@ -22,7 +22,7 @@ info:
     cvss-score: 9.3
     cwe-id: CWE-441
   metadata:
-    max-request: 2
+    max-request: 4
   tags: exposure,config,alibaba,proxy,misconfig,metadata
 
 http:
@@ -38,11 +38,14 @@ http:
       path:
         - dynamic/instance-identity/document
         - 2016-01-01/dynamic/instance-identity/document
+    attack: clusterbomb
+
     unsafe: true
     matchers:
       - type: word
         part: body
         words:
           - '","serial-number":"'
-
+          - '"zone-id":"'
+        condition: and
 # digest: 490a004630440220495fde6b8e524846446e53dead7f589f22c254d0ca7b6e09e07210469773749f0220264d2180b4589c8663f68bab544d951ad739fae7f3b6dccaaacee29718cb4778:922c64590222798bb761d5b6d8e72950