name: poc-yaml-CVE-2017-7504-Jboss-serialization-RCE
rules:
  - method: GET
    path: /jbossmq-httpil/HTTPServerILServlet
    expression: |
      response.status == 200 && response.body.bcontains(b'This is the JBossMQ HTTP-IL')
detail:
  author: mamba
  description: "CVE-2017-7504-Jboss-serialization-RCE by chaosec公众号"
  links:
    - https://github.com/chaosec2021