Automate Cache Poisoning Vulnerability

时间:2021-07-05 18:59:59   收藏:0   阅读:0

https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning

id: cache-poisoning    

info:
  name: Cache Poisoning
  author: melbadry9 & xelkomy
  severity: low

requests:
  - raw:
      - |
        GET /?mel=9 HTTP/1.1
        X-Forwarded-Prefix: cache.melbadry9.com
        X-Forwarded-Host: cache.melbadry9.com
        X-Forwarded-For: cache.melbadry9.com

      - |
        GET /?mel=9 HTTP/1.1

    req-condition: true
    matchers:
      - type: dsl
        dsl:
          - ‘contains(body_2, "cache.melbadry9.com") == true‘

评论(0
© 2014 mamicode.com 版权所有 京ICP备13008772号-2  联系我们:gaon5@hotmail.com
迷上了代码!