fscan/WebScan/pocs/dedecms-url-redirection.yml

name: poc-yaml-dedecms-url-redirection
rules:
  - method: GET
    path: >-
      /plus/download.php?open=1&link=aHR0cHM6Ly93d3cuZHUxeDNyMTIuY29t      
    follow_redirects: false
    expression: >
      response.status == 302 && response.headers["location"] == "https://www.du1x3r12.com"      
detail:
  author: cc_ci(https://github.com/cc8ci)
  Affected Version: "V5.7 sp1"
  links:
    - https://blog.csdn.net/ystyaoshengting/article/details/82734888