mirrors/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-07-13 21:02:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update etcd-v3-unauth.yml

Browse Source 
修复误报
This commit is contained in:
RJ45_LAB 2025-02-17 17:37:49 +08:00 committed by GitHub
parent 4aaa05f6a4
commit d05641a7fc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
WebScan/pocs/etcd-v3-unauth.yml
View File

@ -1,12 +1,14 @@
name: poc-yaml-etcd-v3-unauth name: ETCD V3未授权
rules: rules:
- method: GET - method: POST
path: /version path: /v3/kv/range
follow_redirects: false follow_redirects: false
Content-Type: application/json;charset=utf-8
expression: | expression: |
response.status == 200 && response.body.bcontains(b"etcdserver") response.status == 200 && response.body.bcontains(b"cluster") && response.body.bcontains(b"head")
body: |
{"key": "bmFtZQ=="}
detail: detail:
author: rj45(https://github.com/INT2ECALL) author: rj45(https://github.com/INT2ECALL)
links: links:
- https://networksec.blog.csdn.net/article/details/144912358?spm=1001.2014.3001.5502 - https://networksec.blog.csdn.net/article/details/144912358?spm=1001.2014.3001.5502