fscan/Web_Scan/pocs/kong-cve-2020-11710-unauth.yml


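# Detection check for a Kong Admin API that answers requests without
# credentials (tracked by the author as CVE-2020-11710).
#
# The rules send plain GET requests with no headers or body and only inspect
# the status code and response body; nothing is written to the target.
# A match means the marker strings appeared in a 200 response. Treat it as a
# lead to confirm, not as proof: any page that echoes these strings matches.
#
# If this fires on a host you own: bind the Admin API listener (Kong's
# `admin_listen` setting) to loopback or a management network only, and
# require authentication in front of it.
name: poc-yaml-kong-cve-2020-11710-unauth
# NOTE(review): in this POC format the rules are presumably evaluated in
# order and must all match - confirm against the scanner's rule engine.
rules:
  # Root endpoint: expects HTTP 200 and the byte string "kong_env" in the body
  # (presumably part of the node configuration the Admin API returns).
  - method: GET
    path: /
    expression: |
      response.status == 200 && response.body.bcontains(b"kong_env")
  # Status endpoint: expects HTTP 200 and the byte string
  # "kong_db_cache_miss" in the body, as a second, independent marker.
  - method: GET
    path: /status
    expression: |
      response.status == 200 && response.body.bcontains(b"kong_db_cache_miss")
detail:
  author: Loneyer
  # Write-up the author cites as the reference for this check.
  links:
    - https://mp.weixin.qq.com/s/Ttpe63H9lQe87Uk0VOyMFw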