Closed 7rovu closed 7 months ago
https://github.com/chainreactors/neutron/blob/master/templates_gogo/impl.go:25和31行有bug,在循环中使用指针会导致requests中所有路径均指向最后一个路径:
e.g:使用如下poc会导致,进行两次/bbb/路径的请求
id: test info: name: test severity: info tags: http http: - method: GET path: - "{{BaseURL}}/aaa/" matchers: - type: word part: body words: - 'refresh' - method: GET path: - "{{BaseURL}}/bbb/" matchers: - type: word part: body words: - 'Found'
ref https://github.com/chainreactors/gogo/issues/52
M09Ic
commented
7 months ago
https://github.com/chainreactors/neutron/blob/master/templates_gogo/impl.go:25和31行有bug,在循环中使用指针会导致requests中所有路径均指向最后一个路径:
e.g:使用如下poc会导致,进行两次/bbb/路径的请求