Automate Cache Poisoning Vulnerability
时间:2021-07-05 18:59:59
收藏:0
阅读:0
https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
id: cache-poisoning
info:
name: Cache Poisoning
author: melbadry9 & xelkomy
severity: low
requests:
- raw:
- |
GET /?mel=9 HTTP/1.1
X-Forwarded-Prefix: cache.melbadry9.com
X-Forwarded-Host: cache.melbadry9.com
X-Forwarded-For: cache.melbadry9.com
- |
GET /?mel=9 HTTP/1.1
req-condition: true
matchers:
- type: dsl
dsl:
- ‘contains(body_2, "cache.melbadry9.com") == true‘
评论(0)