id: CNVD-2021-32799

info:
  name: 360 Xintianqing - SQL Injection
  author: SleepingBag945
  severity: high
  reference:
    - https://blog.51cto.com/u_9691128/4295047
    - https://www.cnvd.org.cn/patchInfo/show/270651
    - https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/CNVD/2021/CNVD-2021-32799.yaml
  metadata:
    fofa-query: app="360新天擎"
    verified: true
    max-request: 1
  tags: cnvd,cnvd2021,360,xintianqing,sqli

http:
  - method: GET
    path:
      - '{{BaseURL}}/api/dp/rptsvcsyncpoint?ccid=1'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"reason":'
          - '"success"'
          - '"antiadwa":'
          - '"clientupgrade":'
        condition: and

      - type: word
        part: header
        words:
          - 'application/json'

      - type: status
        status:
          - 200