admin/fscan
1
0
Fork 0
mirror of https://github.com/shadow1ng/fscan.git synced 2025-06-02 11:40:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update etcd-v3-unauth.yml

Browse Source 
修复误报
This commit is contained in:
RJ45_LAB 2025-02-17 17:37:49 +08:00 committed by GitHub
parent 4aaa05f6a4
commit d05641a7fc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
WebScan/pocs/etcd-v3-unauth.yml
View File

@ -1,12 +1,14 @@
name: poc-yaml-etcd-v3-unauth
name: ETCD V3未授权
rules:
- method: GET
path: /version
- method: POST
path: /v3/kv/range
follow_redirects: false
Content-Type: application/json;charset=utf-8
expression: |
response.status == 200 && response.body.bcontains(b"etcdserver")
response.status == 200 && response.body.bcontains(b"cluster") && response.body.bcontains(b"head")
body: |
{"key": "bmFtZQ=="}
detail:
author: rj45(https://github.com/INT2ECALL)
links:
- https://networksec.blog.csdn.net/article/details/144912358?spm=1001.2014.3001.5502
- https://networksec.blog.csdn.net/article/details/144912358?spm=1001.2014.3001.5502