xray插件改良2-poc-yaml-dedecms-cve-2018-6910
前言
poc-yaml-dedecms-cve-2018-6910原始的yml
dedecms-cve-2018-6910.yml
name: poc-yaml-dedecms-cve-2018-6910
rules:
- method: GET
path: /include/downmix.inc.php
expression: |
response.status == 200 && response.body.bcontains(bytes("Fatal error")) && response.body.bcontains(bytes("downmix.inc.php")) && response.body.bcontains(bytes("Call to undefined function helper()"))
detail:
author: PickledFish(https://github.com/PickledFish)
links:
- https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md
这里实际上是不完善的,根据links的描述,能够泄露真实路劲的uri应该是两个