diff --git a/http/cves/2014/CVE-2014-4577.yaml b/http/cves/2014/CVE-2014-4577.yaml index b4312bd6167..a9be08ee8c7 100644 --- a/http/cves/2014/CVE-2014-4577.yaml +++ b/http/cves/2014/CVE-2014-4577.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2014/CVE-2014-4941.yaml b/http/cves/2014/CVE-2014-4941.yaml index 650b1574567..c96f0c730d1 100644 --- a/http/cves/2014/CVE-2014-4941.yaml +++ b/http/cves/2014/CVE-2014-4941.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2014/CVE-2014-5181.yaml b/http/cves/2014/CVE-2014-5181.yaml index dbd56585ddf..c04475bf8c3 100644 --- a/http/cves/2014/CVE-2014-5181.yaml +++ b/http/cves/2014/CVE-2014-5181.yaml @@ -27,9 +27,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2014/CVE-2014-5187.yaml b/http/cves/2014/CVE-2014-5187.yaml index d4a63b94e24..d9475682ec4 100644 --- a/http/cves/2014/CVE-2014-5187.yaml +++ b/http/cves/2014/CVE-2014-5187.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2015/CVE-2015-8562.yaml b/http/cves/2015/CVE-2015-8562.yaml index da2c828a90d..d0c150eed89 100644 --- a/http/cves/2015/CVE-2015-8562.yaml +++ b/http/cves/2015/CVE-2015-8562.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2016/CVE-2016-10993.yaml b/http/cves/2016/CVE-2016-10993.yaml index 7a4d874314c..dd8a271cee8 100644 --- a/http/cves/2016/CVE-2016-10993.yaml +++ b/http/cves/2016/CVE-2016-10993.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2017/CVE-2017-18590.yaml b/http/cves/2017/CVE-2017-18590.yaml index 13da0b17a54..20fa030b987 100644 --- a/http/cves/2017/CVE-2017-18590.yaml +++ b/http/cves/2017/CVE-2017-18590.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2017/CVE-2017-18598.yaml b/http/cves/2017/CVE-2017-18598.yaml index f7bb814ad32..958aa133f1b 100644 --- a/http/cves/2017/CVE-2017-18598.yaml +++ b/http/cves/2017/CVE-2017-18598.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2018/CVE-2018-10383.yaml b/http/cves/2018/CVE-2018-10383.yaml index fcd475e8c20..e4301f731ce 100644 --- a/http/cves/2018/CVE-2018-10383.yaml +++ b/http/cves/2018/CVE-2018-10383.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2019/CVE-2019-14470.yaml b/http/cves/2019/CVE-2019-14470.yaml index 16738e00801..e6856b3161c 100644 --- a/http/cves/2019/CVE-2019-14470.yaml +++ b/http/cves/2019/CVE-2019-14470.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2019/CVE-2019-16332.yaml b/http/cves/2019/CVE-2019-16332.yaml index 0f935095fe0..b9fe69ae110 100644 --- a/http/cves/2019/CVE-2019-16332.yaml +++ b/http/cves/2019/CVE-2019-16332.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2019/CVE-2019-17231.yaml b/http/cves/2019/CVE-2019-17231.yaml index 7fd2a5797d7..e434aaeb7e3 100644 --- a/http/cves/2019/CVE-2019-17231.yaml +++ b/http/cves/2019/CVE-2019-17231.yaml @@ -53,9 +53,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2019/CVE-2019-20504.yaml b/http/cves/2019/CVE-2019-20504.yaml index ab8a1ad6a3e..837610da628 100644 --- a/http/cves/2019/CVE-2019-20504.yaml +++ b/http/cves/2019/CVE-2019-20504.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2019/CVE-2019-7139.yaml b/http/cves/2019/CVE-2019-7139.yaml index 0442fd0922a..f4e7d940744 100644 --- a/http/cves/2019/CVE-2019-7139.yaml +++ b/http/cves/2019/CVE-2019-7139.yaml @@ -39,9 +39,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 matchers: diff --git a/http/cves/2019/CVE-2019-8943.yaml b/http/cves/2019/CVE-2019-8943.yaml index e204847e942..2621fce4855 100644 --- a/http/cves/2019/CVE-2019-8943.yaml +++ b/http/cves/2019/CVE-2019-8943.yaml @@ -85,9 +85,11 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex name: theme_name diff --git a/http/cves/2020/CVE-2020-10987.yaml b/http/cves/2020/CVE-2020-10987.yaml index c6437a7c8b0..d6d3baf1164 100644 --- a/http/cves/2020/CVE-2020-10987.yaml +++ b/http/cves/2020/CVE-2020-10987.yaml @@ -33,9 +33,11 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: diff --git a/http/cves/2020/CVE-2020-28653.yaml b/http/cves/2020/CVE-2020-28653.yaml index 1be41cd9499..4a86e863015 100644 --- a/http/cves/2020/CVE-2020-28653.yaml +++ b/http/cves/2020/CVE-2020-28653.yaml @@ -40,9 +40,11 @@ variables: flow: http(1) && http(2) && http(3) && http(4) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 3 diff --git a/http/cves/2020/CVE-2020-29395.yaml b/http/cves/2020/CVE-2020-29395.yaml index f6c473d81a3..305d115ed4c 100644 --- a/http/cves/2020/CVE-2020-29395.yaml +++ b/http/cves/2020/CVE-2020-29395.yaml @@ -43,9 +43,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2020/CVE-2020-5766.yaml b/http/cves/2020/CVE-2020-5766.yaml index c69efa44339..b8e8a3e6761 100644 --- a/http/cves/2020/CVE-2020-5766.yaml +++ b/http/cves/2020/CVE-2020-5766.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2021/CVE-2021-24274.yaml b/http/cves/2021/CVE-2021-24274.yaml index 54da8447e4e..c69f556949d 100644 --- a/http/cves/2021/CVE-2021-24274.yaml +++ b/http/cves/2021/CVE-2021-24274.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2021/CVE-2021-24364.yaml b/http/cves/2021/CVE-2021-24364.yaml index 73856a7e45d..906efbd9349 100644 --- a/http/cves/2021/CVE-2021-24364.yaml +++ b/http/cves/2021/CVE-2021-24364.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2021/CVE-2021-24407.yaml b/http/cves/2021/CVE-2021-24407.yaml index fb002443add..69f00f022cc 100644 --- a/http/cves/2021/CVE-2021-24407.yaml +++ b/http/cves/2021/CVE-2021-24407.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2021/CVE-2021-24522.yaml b/http/cves/2021/CVE-2021-24522.yaml index 73f41996d75..1ec02b74b8c 100644 --- a/http/cves/2021/CVE-2021-24522.yaml +++ b/http/cves/2021/CVE-2021-24522.yaml @@ -29,9 +29,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2021/CVE-2021-24527.yaml b/http/cves/2021/CVE-2021-24527.yaml index 64da664aa6c..ec17fe22c2c 100644 --- a/http/cves/2021/CVE-2021-24527.yaml +++ b/http/cves/2021/CVE-2021-24527.yaml @@ -28,8 +28,6 @@ info: publicwww-query: "/wp-content/plugins/profile-builder/" tags: cve,cve2021,wp,wp-plugin,wordpress,profile-builder,vkev,vuln -flow: http(1) && http(2) - variables: pass: "{{to_lower(rand_text_alpha(12))}}" path: "{{path}}" @@ -102,4 +100,4 @@ http: - type: dsl dsl: - pass -# digest: 4a0a00473045022100e51c00fee2431489a3771a41a81668e2945ce71308076ce7aa6abde3b50a222f0220685a334a107ad475b7fdcaa3c645f5f9e7e189f509df8b1da7dfa2bdeda4379f:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022008eb16c6a08d7290fb8b652cbc1687e609316cc368dc20438c6c7524c396d61102201b48638e94329d3a6cfff37a01f40bbd9cf702635efead5a9dffb28bba9ada4c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/http/cves/2021/CVE-2021-27748.yaml b/http/cves/2021/CVE-2021-27748.yaml index 34602ed198a..53240800e89 100644 --- a/http/cves/2021/CVE-2021-27748.yaml +++ b/http/cves/2021/CVE-2021-27748.yaml @@ -28,9 +28,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 matchers: diff --git a/http/cves/2021/CVE-2021-30175.yaml b/http/cves/2021/CVE-2021-30175.yaml index b1f04fce557..3f6153044c1 100644 --- a/http/cves/2021/CVE-2021-30175.yaml +++ b/http/cves/2021/CVE-2021-30175.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2021/CVE-2021-31316.yaml b/http/cves/2021/CVE-2021-31316.yaml index b379edd6aa5..750b9e7f35a 100644 --- a/http/cves/2021/CVE-2021-31316.yaml +++ b/http/cves/2021/CVE-2021-31316.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2021/CVE-2021-31324.yaml b/http/cves/2021/CVE-2021-31324.yaml index 5fe5c58b98d..3a18c66f390 100644 --- a/http/cves/2021/CVE-2021-31324.yaml +++ b/http/cves/2021/CVE-2021-31324.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2021/CVE-2021-36888.yaml b/http/cves/2021/CVE-2021-36888.yaml index b42b013429b..f3c523d8119 100644 --- a/http/cves/2021/CVE-2021-36888.yaml +++ b/http/cves/2021/CVE-2021-36888.yaml @@ -49,9 +49,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2021/CVE-2021-41467.yaml b/http/cves/2021/CVE-2021-41467.yaml index 25d1682a123..4032e905e52 100644 --- a/http/cves/2021/CVE-2021-41467.yaml +++ b/http/cves/2021/CVE-2021-41467.yaml @@ -30,9 +30,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 diff --git a/http/cves/2021/CVE-2021-4380.yaml b/http/cves/2021/CVE-2021-4380.yaml index 3d0a1579030..624d6426e3c 100644 --- a/http/cves/2021/CVE-2021-4380.yaml +++ b/http/cves/2021/CVE-2021-4380.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) && http(3) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl @@ -69,9 +70,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2022/CVE-2022-0479.yaml b/http/cves/2022/CVE-2022-0479.yaml index dcde032a084..8f116f086f0 100644 --- a/http/cves/2022/CVE-2022-0479.yaml +++ b/http/cves/2022/CVE-2022-0479.yaml @@ -30,9 +30,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true matchers: - type: dsl diff --git a/http/cves/2022/CVE-2022-25322.yaml b/http/cves/2022/CVE-2022-25322.yaml index 4b5af92e92d..7c053033169 100644 --- a/http/cves/2022/CVE-2022-25322.yaml +++ b/http/cves/2022/CVE-2022-25322.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2022/CVE-2022-28033.yaml b/http/cves/2022/CVE-2022-28033.yaml index 488ef96f919..e0d4eeb9eae 100644 --- a/http/cves/2022/CVE-2022-28033.yaml +++ b/http/cves/2022/CVE-2022-28033.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2022/CVE-2022-31101.yaml b/http/cves/2022/CVE-2022-31101.yaml index 24f7455903d..ae87dd86e1c 100644 --- a/http/cves/2022/CVE-2022-31101.yaml +++ b/http/cves/2022/CVE-2022-31101.yaml @@ -71,9 +71,11 @@ http: - compare_versions(version, '>= 2.0.0', '<= 2.1.0') internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 3 diff --git a/http/cves/2022/CVE-2022-31181.yaml b/http/cves/2022/CVE-2022-31181.yaml index 465adb6e711..c3efa1220a4 100644 --- a/http/cves/2022/CVE-2022-31181.yaml +++ b/http/cves/2022/CVE-2022-31181.yaml @@ -123,9 +123,10 @@ http: internal: true condition: and - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word @@ -153,9 +154,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word @@ -200,9 +202,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers-condition: and matchers: diff --git a/http/cves/2022/CVE-2022-34487.yaml b/http/cves/2022/CVE-2022-34487.yaml index e8606470620..eb7706e557b 100644 --- a/http/cves/2022/CVE-2022-34487.yaml +++ b/http/cves/2022/CVE-2022-34487.yaml @@ -49,9 +49,10 @@ http: - contains(body, 'oxi-confirmation-success') condition: and - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2022/CVE-2022-3805.yaml b/http/cves/2022/CVE-2022-3805.yaml index 6f34e9746d3..44aa493d130 100644 --- a/http/cves/2022/CVE-2022-3805.yaml +++ b/http/cves/2022/CVE-2022-3805.yaml @@ -62,11 +62,11 @@ http: - "(?mi)Stable tag: ([0-9.]+)" internal: true - - method: GET - path: - - "{{BaseURL}}/" - headers: - Content-Type: application/x-www-form-urlencoded + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded matchers: - type: dsl diff --git a/http/cves/2022/CVE-2022-4375.yaml b/http/cves/2022/CVE-2022-4375.yaml index b990f8ce83b..eebe5a71120 100644 --- a/http/cves/2022/CVE-2022-4375.yaml +++ b/http/cves/2022/CVE-2022-4375.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2022/CVE-2022-45699.yaml b/http/cves/2022/CVE-2022-45699.yaml index b00b27a8b7a..44fc10f3dfe 100644 --- a/http/cves/2022/CVE-2022-45699.yaml +++ b/http/cves/2022/CVE-2022-45699.yaml @@ -28,9 +28,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-2518.yaml b/http/cves/2023/CVE-2023-2518.yaml index 45b1cdc6c34..b97da277091 100644 --- a/http/cves/2023/CVE-2023-2518.yaml +++ b/http/cves/2023/CVE-2023-2518.yaml @@ -31,9 +31,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2023/CVE-2023-25280.yaml b/http/cves/2023/CVE-2023-25280.yaml index 2e436cbd7b2..061914bf6b8 100644 --- a/http/cves/2023/CVE-2023-25280.yaml +++ b/http/cves/2023/CVE-2023-25280.yaml @@ -32,9 +32,10 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-27034.yaml b/http/cves/2023/CVE-2023-27034.yaml index 40dec7325d1..b1eb0461df7 100644 --- a/http/cves/2023/CVE-2023-27034.yaml +++ b/http/cves/2023/CVE-2023-27034.yaml @@ -34,9 +34,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 3 matchers: diff --git a/http/cves/2023/CVE-2023-2745.yaml b/http/cves/2023/CVE-2023-2745.yaml index 9f93457b1a8..bf682cb8002 100644 --- a/http/cves/2023/CVE-2023-2745.yaml +++ b/http/cves/2023/CVE-2023-2745.yaml @@ -27,9 +27,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-27638.yaml b/http/cves/2023/CVE-2023-27638.yaml index 44b7917382d..fb421b34f94 100644 --- a/http/cves/2023/CVE-2023-27638.yaml +++ b/http/cves/2023/CVE-2023-27638.yaml @@ -30,9 +30,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-27847.yaml b/http/cves/2023/CVE-2023-27847.yaml index f5fc1280a68..c3f88987378 100644 --- a/http/cves/2023/CVE-2023-27847.yaml +++ b/http/cves/2023/CVE-2023-27847.yaml @@ -34,9 +34,11 @@ variables: num: "999999999" http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true matchers: diff --git a/http/cves/2023/CVE-2023-30192.yaml b/http/cves/2023/CVE-2023-30192.yaml index 53dff738d24..6b471238a1d 100644 --- a/http/cves/2023/CVE-2023-30192.yaml +++ b/http/cves/2023/CVE-2023-30192.yaml @@ -31,9 +31,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true matchers: diff --git a/http/cves/2023/CVE-2023-30194.yaml b/http/cves/2023/CVE-2023-30194.yaml index 38e40fccda7..8a4fe742ce9 100644 --- a/http/cves/2023/CVE-2023-30194.yaml +++ b/http/cves/2023/CVE-2023-30194.yaml @@ -33,9 +33,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 matchers: diff --git a/http/cves/2023/CVE-2023-3169.yaml b/http/cves/2023/CVE-2023-3169.yaml index a108875adb2..a523c92df3f 100644 --- a/http/cves/2023/CVE-2023-3169.yaml +++ b/http/cves/2023/CVE-2023-3169.yaml @@ -51,9 +51,11 @@ http: - 'contains(content_type, "application/json")' internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true max-redirects: 2 diff --git a/http/cves/2023/CVE-2023-3388.yaml b/http/cves/2023/CVE-2023-3388.yaml index 59ea8b6d901..9db44fd32ab 100644 --- a/http/cves/2023/CVE-2023-3388.yaml +++ b/http/cves/2023/CVE-2023-3388.yaml @@ -50,9 +50,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers-condition: and matchers: diff --git a/http/cves/2023/CVE-2023-3578.yaml b/http/cves/2023/CVE-2023-3578.yaml index 03849f5149a..d85e1354949 100644 --- a/http/cves/2023/CVE-2023-3578.yaml +++ b/http/cves/2023/CVE-2023-3578.yaml @@ -31,9 +31,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 matchers: diff --git a/http/cves/2023/CVE-2023-36284.yaml b/http/cves/2023/CVE-2023-36284.yaml index d8680c2998e..e67deb29a26 100644 --- a/http/cves/2023/CVE-2023-36284.yaml +++ b/http/cves/2023/CVE-2023-36284.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-39650.yaml b/http/cves/2023/CVE-2023-39650.yaml index 3a3accec0a3..9f5f7998f27 100644 --- a/http/cves/2023/CVE-2023-39650.yaml +++ b/http/cves/2023/CVE-2023-39650.yaml @@ -30,9 +30,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-3990.yaml b/http/cves/2023/CVE-2023-3990.yaml index 4d527117b39..f90d9faf5ed 100644 --- a/http/cves/2023/CVE-2023-3990.yaml +++ b/http/cves/2023/CVE-2023-3990.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-4151.yaml b/http/cves/2023/CVE-2023-4151.yaml index d547c674605..bbf7d2b839c 100644 --- a/http/cves/2023/CVE-2023-4151.yaml +++ b/http/cves/2023/CVE-2023-4151.yaml @@ -34,9 +34,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-4284.yaml b/http/cves/2023/CVE-2023-4284.yaml index e3a5dfb394e..756499f669f 100644 --- a/http/cves/2023/CVE-2023-4284.yaml +++ b/http/cves/2023/CVE-2023-4284.yaml @@ -32,9 +32,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2023/CVE-2023-43323.yaml b/http/cves/2023/CVE-2023-43323.yaml index ab6fb8f70fb..b85fcc6bb7b 100644 --- a/http/cves/2023/CVE-2023-43323.yaml +++ b/http/cves/2023/CVE-2023-43323.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-43373.yaml b/http/cves/2023/CVE-2023-43373.yaml index bb1a9c3f297..c5535e2d4f6 100644 --- a/http/cves/2023/CVE-2023-43373.yaml +++ b/http/cves/2023/CVE-2023-43373.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-45375.yaml b/http/cves/2023/CVE-2023-45375.yaml index 6322d470f02..99c1e9e15aa 100644 --- a/http/cves/2023/CVE-2023-45375.yaml +++ b/http/cves/2023/CVE-2023-45375.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-46455.yaml b/http/cves/2023/CVE-2023-46455.yaml index 0c2eefbfc4e..51a7a441837 100644 --- a/http/cves/2023/CVE-2023-46455.yaml +++ b/http/cves/2023/CVE-2023-46455.yaml @@ -35,9 +35,10 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-50094.yaml b/http/cves/2023/CVE-2023-50094.yaml index e777c4a6f60..522aab86ec5 100644 --- a/http/cves/2023/CVE-2023-50094.yaml +++ b/http/cves/2023/CVE-2023-50094.yaml @@ -32,9 +32,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-5558.yaml b/http/cves/2023/CVE-2023-5558.yaml index 5c3b01d140f..a236473fad3 100644 --- a/http/cves/2023/CVE-2023-5558.yaml +++ b/http/cves/2023/CVE-2023-5558.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2023/CVE-2023-5561.yaml b/http/cves/2023/CVE-2023-5561.yaml index 86e5029ff1e..8238e61084d 100644 --- a/http/cves/2023/CVE-2023-5561.yaml +++ b/http/cves/2023/CVE-2023-5561.yaml @@ -37,9 +37,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-5974.yaml b/http/cves/2023/CVE-2023-5974.yaml index 89bf715889a..f0bfa689325 100644 --- a/http/cves/2023/CVE-2023-5974.yaml +++ b/http/cves/2023/CVE-2023-5974.yaml @@ -31,9 +31,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2023/CVE-2023-6000.yaml b/http/cves/2023/CVE-2023-6000.yaml index 45f2a348594..c8d5c73f2ce 100644 --- a/http/cves/2023/CVE-2023-6000.yaml +++ b/http/cves/2023/CVE-2023-6000.yaml @@ -35,9 +35,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex name: popup_id diff --git a/http/cves/2023/CVE-2023-6444.yaml b/http/cves/2023/CVE-2023-6444.yaml index d8cc39d7447..bf405d727b8 100644 --- a/http/cves/2023/CVE-2023-6444.yaml +++ b/http/cves/2023/CVE-2023-6444.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2023/CVE-2023-7116.yaml b/http/cves/2023/CVE-2023-7116.yaml index 403c6d5a840..5689a1c870d 100644 --- a/http/cves/2023/CVE-2023-7116.yaml +++ b/http/cves/2023/CVE-2023-7116.yaml @@ -29,9 +29,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-0195.yaml b/http/cves/2024/CVE-2024-0195.yaml index 26a1da12b59..ef1c64943da 100644 --- a/http/cves/2024/CVE-2024-0195.yaml +++ b/http/cves/2024/CVE-2024-0195.yaml @@ -36,9 +36,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-10516.yaml b/http/cves/2024/CVE-2024-10516.yaml index 674459481a5..e8aa2593bb9 100644 --- a/http/cves/2024/CVE-2024-10516.yaml +++ b/http/cves/2024/CVE-2024-10516.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-11680.yaml b/http/cves/2024/CVE-2024-11680.yaml index 8bb2a696d15..4c7f67fb80b 100644 --- a/http/cves/2024/CVE-2024-11680.yaml +++ b/http/cves/2024/CVE-2024-11680.yaml @@ -43,9 +43,10 @@ variables: flow: http(1) && http(2) && http(3) && http(4) && http(5) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl @@ -86,9 +87,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl @@ -114,9 +116,10 @@ http: condition: and internal: true - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-11728.yaml b/http/cves/2024/CVE-2024-11728.yaml index 9271d891321..ec7babb7e92 100644 --- a/http/cves/2024/CVE-2024-11728.yaml +++ b/http/cves/2024/CVE-2024-11728.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-12209.yaml b/http/cves/2024/CVE-2024-12209.yaml index 76554f62485..42c97916729 100644 --- a/http/cves/2024/CVE-2024-12209.yaml +++ b/http/cves/2024/CVE-2024-12209.yaml @@ -34,9 +34,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-12849.yaml b/http/cves/2024/CVE-2024-12849.yaml index 965e1bc2140..5bd7e47d9f1 100644 --- a/http/cves/2024/CVE-2024-12849.yaml +++ b/http/cves/2024/CVE-2024-12849.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-13624.yaml b/http/cves/2024/CVE-2024-13624.yaml index 404e313ae8e..e8ab8d33deb 100644 --- a/http/cves/2024/CVE-2024-13624.yaml +++ b/http/cves/2024/CVE-2024-13624.yaml @@ -30,9 +30,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-13726.yaml b/http/cves/2024/CVE-2024-13726.yaml index 6610ac483a7..041417abea7 100644 --- a/http/cves/2024/CVE-2024-13726.yaml +++ b/http/cves/2024/CVE-2024-13726.yaml @@ -28,9 +28,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-13888.yaml b/http/cves/2024/CVE-2024-13888.yaml index a11ce562ed8..3cb28e5df1f 100644 --- a/http/cves/2024/CVE-2024-13888.yaml +++ b/http/cves/2024/CVE-2024-13888.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-21485.yaml b/http/cves/2024/CVE-2024-21485.yaml index cc71278b8f6..7a55986eb00 100644 --- a/http/cves/2024/CVE-2024-21485.yaml +++ b/http/cves/2024/CVE-2024-21485.yaml @@ -27,9 +27,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-22729.yaml b/http/cves/2024/CVE-2024-22729.yaml index 2d436744496..285cc1b5ef1 100644 --- a/http/cves/2024/CVE-2024-22729.yaml +++ b/http/cves/2024/CVE-2024-22729.yaml @@ -32,9 +32,10 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-24759.yaml b/http/cves/2024/CVE-2024-24759.yaml index 6ef91eccec7..1fec8438edc 100644 --- a/http/cves/2024/CVE-2024-24759.yaml +++ b/http/cves/2024/CVE-2024-24759.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-3032.yaml b/http/cves/2024/CVE-2024-3032.yaml index 410e7c613a7..723c13928bf 100644 --- a/http/cves/2024/CVE-2024-3032.yaml +++ b/http/cves/2024/CVE-2024-3032.yaml @@ -31,9 +31,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-30568.yaml b/http/cves/2024/CVE-2024-30568.yaml index 577dc9f5643..1682d83f94e 100644 --- a/http/cves/2024/CVE-2024-30568.yaml +++ b/http/cves/2024/CVE-2024-30568.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-31839.yaml b/http/cves/2024/CVE-2024-31839.yaml index 8f097730d5a..8370f9a209d 100644 --- a/http/cves/2024/CVE-2024-31839.yaml +++ b/http/cves/2024/CVE-2024-31839.yaml @@ -47,9 +47,11 @@ http: {{password}} -----------------------------7531776718188184812862255877-- - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex name: address diff --git a/http/cves/2024/CVE-2024-3552.yaml b/http/cves/2024/CVE-2024-3552.yaml index 82e6c355e05..cda2e7909b3 100644 --- a/http/cves/2024/CVE-2024-3552.yaml +++ b/http/cves/2024/CVE-2024-3552.yaml @@ -27,9 +27,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-36683.yaml b/http/cves/2024/CVE-2024-36683.yaml index a24fd93d067..11ec823be66 100644 --- a/http/cves/2024/CVE-2024-36683.yaml +++ b/http/cves/2024/CVE-2024-36683.yaml @@ -31,9 +31,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 3 matchers: diff --git a/http/cves/2024/CVE-2024-3673.yaml b/http/cves/2024/CVE-2024-3673.yaml index b9a42cedecc..367eb20dfa9 100644 --- a/http/cves/2024/CVE-2024-3673.yaml +++ b/http/cves/2024/CVE-2024-3673.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-36858.yaml b/http/cves/2024/CVE-2024-36858.yaml index a8b962fd6d3..482abe1079d 100644 --- a/http/cves/2024/CVE-2024-36858.yaml +++ b/http/cves/2024/CVE-2024-36858.yaml @@ -33,9 +33,10 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-3753.yaml b/http/cves/2024/CVE-2024-3753.yaml index 332671a736b..291fb364f4c 100644 --- a/http/cves/2024/CVE-2024-3753.yaml +++ b/http/cves/2024/CVE-2024-3753.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-41628.yaml b/http/cves/2024/CVE-2024-41628.yaml index 2a7643cdbc3..ee53e407505 100644 --- a/http/cves/2024/CVE-2024-41628.yaml +++ b/http/cves/2024/CVE-2024-41628.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-41810.yaml b/http/cves/2024/CVE-2024-41810.yaml index eb65047dac0..b0e24b98201 100644 --- a/http/cves/2024/CVE-2024-41810.yaml +++ b/http/cves/2024/CVE-2024-41810.yaml @@ -29,9 +29,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-43160.yaml b/http/cves/2024/CVE-2024-43160.yaml index cdbc2165029..04ab562b527 100644 --- a/http/cves/2024/CVE-2024-43160.yaml +++ b/http/cves/2024/CVE-2024-43160.yaml @@ -38,9 +38,10 @@ flow: | http(1) && http(2) && http(3) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-43919.yaml b/http/cves/2024/CVE-2024-43919.yaml index a288a51c6af..efe7f71eb91 100644 --- a/http/cves/2024/CVE-2024-43919.yaml +++ b/http/cves/2024/CVE-2024-43919.yaml @@ -35,9 +35,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 matchers: diff --git a/http/cves/2024/CVE-2024-4399.yaml b/http/cves/2024/CVE-2024-4399.yaml index 357f5c0c572..decc85fc932 100644 --- a/http/cves/2024/CVE-2024-4399.yaml +++ b/http/cves/2024/CVE-2024-4399.yaml @@ -29,9 +29,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-44000.yaml b/http/cves/2024/CVE-2024-44000.yaml index e414f1e7aac..ac4c19e7067 100644 --- a/http/cves/2024/CVE-2024-44000.yaml +++ b/http/cves/2024/CVE-2024-44000.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-48360.yaml b/http/cves/2024/CVE-2024-48360.yaml index 246b112e871..4c0df42b53b 100644 --- a/http/cves/2024/CVE-2024-48360.yaml +++ b/http/cves/2024/CVE-2024-48360.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-51482.yaml b/http/cves/2024/CVE-2024-51482.yaml index 463ab292f7e..ee9497c3145 100644 --- a/http/cves/2024/CVE-2024-51482.yaml +++ b/http/cves/2024/CVE-2024-51482.yaml @@ -32,9 +32,11 @@ info: flow: http(1) && http(2) && http(3) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-54330.yaml b/http/cves/2024/CVE-2024-54330.yaml index b6b59987834..650bcef921e 100644 --- a/http/cves/2024/CVE-2024-54330.yaml +++ b/http/cves/2024/CVE-2024-54330.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-54385.yaml b/http/cves/2024/CVE-2024-54385.yaml index 1ee86c121c5..70678cab759 100644 --- a/http/cves/2024/CVE-2024-54385.yaml +++ b/http/cves/2024/CVE-2024-54385.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-5765.yaml b/http/cves/2024/CVE-2024-5765.yaml index cb79e97cd18..01b8d288086 100644 --- a/http/cves/2024/CVE-2024-5765.yaml +++ b/http/cves/2024/CVE-2024-5765.yaml @@ -28,9 +28,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true max-redirects: 2 matchers: diff --git a/http/cves/2024/CVE-2024-58136.yaml b/http/cves/2024/CVE-2024-58136.yaml index c82ee748d09..eeaeb9d391b 100644 --- a/http/cves/2024/CVE-2024-58136.yaml +++ b/http/cves/2024/CVE-2024-58136.yaml @@ -33,9 +33,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-5947.yaml b/http/cves/2024/CVE-2024-5947.yaml index e9e681e4822..96aca6fdc28 100644 --- a/http/cves/2024/CVE-2024-5947.yaml +++ b/http/cves/2024/CVE-2024-5947.yaml @@ -28,9 +28,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6049.yaml b/http/cves/2024/CVE-2024-6049.yaml index 446832d2575..35483a62393 100644 --- a/http/cves/2024/CVE-2024-6049.yaml +++ b/http/cves/2024/CVE-2024-6049.yaml @@ -30,11 +30,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" - headers: - Host: "{{Hostname}" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname} host-redirects: true matchers: diff --git a/http/cves/2024/CVE-2024-6159.yaml b/http/cves/2024/CVE-2024-6159.yaml index 1f4d7c1e799..7c9996cce25 100644 --- a/http/cves/2024/CVE-2024-6159.yaml +++ b/http/cves/2024/CVE-2024-6159.yaml @@ -29,9 +29,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6366.yaml b/http/cves/2024/CVE-2024-6366.yaml index 69febbc4aa3..ae71630940a 100644 --- a/http/cves/2024/CVE-2024-6366.yaml +++ b/http/cves/2024/CVE-2024-6366.yaml @@ -31,9 +31,10 @@ variables: filename: "{{to_lower(rand_text_alpha(12))}}" http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6460.yaml b/http/cves/2024/CVE-2024-6460.yaml index 65b15bbd112..91ec643b49e 100644 --- a/http/cves/2024/CVE-2024-6460.yaml +++ b/http/cves/2024/CVE-2024-6460.yaml @@ -30,9 +30,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-6517.yaml b/http/cves/2024/CVE-2024-6517.yaml index 2a660be2c69..4ed9b529c4d 100644 --- a/http/cves/2024/CVE-2024-6517.yaml +++ b/http/cves/2024/CVE-2024-6517.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6651.yaml b/http/cves/2024/CVE-2024-6651.yaml index af1da1b6d6f..92249316287 100644 --- a/http/cves/2024/CVE-2024-6651.yaml +++ b/http/cves/2024/CVE-2024-6651.yaml @@ -30,9 +30,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2024/CVE-2024-6753.yaml b/http/cves/2024/CVE-2024-6753.yaml index 2610350fbf3..d5e043864b9 100644 --- a/http/cves/2024/CVE-2024-6753.yaml +++ b/http/cves/2024/CVE-2024-6753.yaml @@ -31,9 +31,10 @@ info: flow: (http(1) && http(2)) || (http(3) && http(4)) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6845.yaml b/http/cves/2024/CVE-2024-6845.yaml index 503334100e1..49667c9849d 100644 --- a/http/cves/2024/CVE-2024-6845.yaml +++ b/http/cves/2024/CVE-2024-6845.yaml @@ -29,9 +29,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6924.yaml b/http/cves/2024/CVE-2024-6924.yaml index d9982392eba..8f58f195303 100644 --- a/http/cves/2024/CVE-2024-6924.yaml +++ b/http/cves/2024/CVE-2024-6924.yaml @@ -26,9 +26,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6926.yaml b/http/cves/2024/CVE-2024-6926.yaml index 1293c5d68f9..a356357cb0c 100644 --- a/http/cves/2024/CVE-2024-6926.yaml +++ b/http/cves/2024/CVE-2024-6926.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-6928.yaml b/http/cves/2024/CVE-2024-6928.yaml index 708974b5df3..1decaa5beda 100644 --- a/http/cves/2024/CVE-2024-6928.yaml +++ b/http/cves/2024/CVE-2024-6928.yaml @@ -31,9 +31,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-7354.yaml b/http/cves/2024/CVE-2024-7354.yaml index 409bfd20a01..4399345e736 100644 --- a/http/cves/2024/CVE-2024-7354.yaml +++ b/http/cves/2024/CVE-2024-7354.yaml @@ -34,9 +34,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2024/CVE-2024-7854.yaml b/http/cves/2024/CVE-2024-7854.yaml index 8eeed92bfb3..50a9cae219f 100644 --- a/http/cves/2024/CVE-2024-7854.yaml +++ b/http/cves/2024/CVE-2024-7854.yaml @@ -34,9 +34,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-8484.yaml b/http/cves/2024/CVE-2024-8484.yaml index 7ccc9f1e375..999fdf2a2a1 100644 --- a/http/cves/2024/CVE-2024-8484.yaml +++ b/http/cves/2024/CVE-2024-8484.yaml @@ -35,9 +35,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-9061.yaml b/http/cves/2024/CVE-2024-9061.yaml index 53544a9d7a7..e2d8983ae0c 100644 --- a/http/cves/2024/CVE-2024-9061.yaml +++ b/http/cves/2024/CVE-2024-9061.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-9186.yaml b/http/cves/2024/CVE-2024-9186.yaml index 1f021965f4c..1ef14696426 100644 --- a/http/cves/2024/CVE-2024-9186.yaml +++ b/http/cves/2024/CVE-2024-9186.yaml @@ -32,9 +32,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-9234.yaml b/http/cves/2024/CVE-2024-9234.yaml index dd2bb2fe067..9cec53d1dd8 100644 --- a/http/cves/2024/CVE-2024-9234.yaml +++ b/http/cves/2024/CVE-2024-9234.yaml @@ -35,9 +35,10 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-9593.yaml b/http/cves/2024/CVE-2024-9593.yaml index 324c740455c..6475cfeb033 100644 --- a/http/cves/2024/CVE-2024-9593.yaml +++ b/http/cves/2024/CVE-2024-9593.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-9935.yaml b/http/cves/2024/CVE-2024-9935.yaml index d62059d96c4..98e170f17f0 100644 --- a/http/cves/2024/CVE-2024-9935.yaml +++ b/http/cves/2024/CVE-2024-9935.yaml @@ -34,9 +34,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2024/CVE-2024-9989.yaml b/http/cves/2024/CVE-2024-9989.yaml index 21c7db6c16b..aa7771054d8 100644 --- a/http/cves/2024/CVE-2024-9989.yaml +++ b/http/cves/2024/CVE-2024-9989.yaml @@ -37,9 +37,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2025/CVE-2025-13486.yaml b/http/cves/2025/CVE-2025-13486.yaml index ab33876c235..e194ec9da27 100644 --- a/http/cves/2025/CVE-2025-13486.yaml +++ b/http/cves/2025/CVE-2025-13486.yaml @@ -32,9 +32,11 @@ variables: flow: http(1) && http(2) && http(3) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex part: body diff --git a/http/cves/2025/CVE-2025-24016.yaml b/http/cves/2025/CVE-2025-24016.yaml index ebde857b363..db4ec49147c 100644 --- a/http/cves/2025/CVE-2025-24016.yaml +++ b/http/cves/2025/CVE-2025-24016.yaml @@ -36,9 +36,10 @@ variables: payload: '{"__unhandled_exc__":{"__class__": "NotARealClass", "__args__": []}}' http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2025/CVE-2025-24813.yaml b/http/cves/2025/CVE-2025-24813.yaml index 1abeb148704..267f98b463f 100644 --- a/http/cves/2025/CVE-2025-24813.yaml +++ b/http/cves/2025/CVE-2025-24813.yaml @@ -52,9 +52,11 @@ variables: filename: "{{randbase(6)}}" http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2025/CVE-2025-2539.yaml b/http/cves/2025/CVE-2025-2539.yaml index d213b6391b3..f0ee426e2ae 100644 --- a/http/cves/2025/CVE-2025-2539.yaml +++ b/http/cves/2025/CVE-2025-2539.yaml @@ -32,9 +32,11 @@ info: flow: http(1) && http(2) && http(3) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex name: nonce diff --git a/http/cves/2025/CVE-2025-28906.yaml b/http/cves/2025/CVE-2025-28906.yaml index 97dd968daed..647ba577066 100644 --- a/http/cves/2025/CVE-2025-28906.yaml +++ b/http/cves/2025/CVE-2025-28906.yaml @@ -30,9 +30,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/cves/2025/CVE-2025-29927.yaml b/http/cves/2025/CVE-2025-29927.yaml index be36fbce7ff..7f906acbfd9 100644 --- a/http/cves/2025/CVE-2025-29927.yaml +++ b/http/cves/2025/CVE-2025-29927.yaml @@ -48,11 +48,11 @@ flow: | base_check() || endpoint_check() http: - - method: GET - path: - - "{{BaseURL}}/" - headers: - X-Nextjs-Data: 1 + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + X-Nextjs-Data: 1 matchers-condition: and matchers: @@ -74,12 +74,12 @@ http: regex: - "(?i)(x-nextjs-redirect|x-middleware-rewrite|x-nextjs-rewrite): (.*)" - - method: GET - path: - - "{{BaseURL}}/" - headers: - X-Nextjs-Data: 1 - X-Middleware-Subrequest: src/middleware:nowaf:src/middleware:src/middleware:src/middleware:src/middleware:middleware:middleware:nowaf:middleware:middleware:middleware:pages/_middleware + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + X-Nextjs-Data: 1 + X-Middleware-Subrequest: src/middleware:nowaf:src/middleware:src/middleware:src/middleware:src/middleware:middleware:middleware:nowaf:middleware:middleware:middleware:pages/_middleware matchers: - type: status diff --git a/http/cves/2025/CVE-2025-34141.yaml b/http/cves/2025/CVE-2025-34141.yaml index f969d511832..761ec86ba38 100644 --- a/http/cves/2025/CVE-2025-34141.yaml +++ b/http/cves/2025/CVE-2025-34141.yaml @@ -40,9 +40,11 @@ flow: | } http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex part: header diff --git a/http/cves/2025/CVE-2025-34291.yaml b/http/cves/2025/CVE-2025-34291.yaml index 663c5d7da75..d0503fce979 100644 --- a/http/cves/2025/CVE-2025-34291.yaml +++ b/http/cves/2025/CVE-2025-34291.yaml @@ -33,9 +33,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2025/CVE-2025-45854.yaml b/http/cves/2025/CVE-2025-45854.yaml index 4166847cda7..0c905c7edfd 100644 --- a/http/cves/2025/CVE-2025-45854.yaml +++ b/http/cves/2025/CVE-2025-45854.yaml @@ -29,9 +29,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: word diff --git a/http/cves/2025/CVE-2025-46822.yaml b/http/cves/2025/CVE-2025-46822.yaml index 8e013d81212..614e836b54e 100644 --- a/http/cves/2025/CVE-2025-46822.yaml +++ b/http/cves/2025/CVE-2025-46822.yaml @@ -27,11 +27,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" - headers: - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 matchers: - type: dsl diff --git a/http/cves/2025/CVE-2025-47423.yaml b/http/cves/2025/CVE-2025-47423.yaml index 068b1ef445c..3d815b2d5bb 100644 --- a/http/cves/2025/CVE-2025-47423.yaml +++ b/http/cves/2025/CVE-2025-47423.yaml @@ -28,9 +28,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/cves/2025/CVE-2025-49113.yaml b/http/cves/2025/CVE-2025-49113.yaml index 285dea8f656..dc7da2c712c 100644 --- a/http/cves/2025/CVE-2025-49113.yaml +++ b/http/cves/2025/CVE-2025-49113.yaml @@ -91,9 +91,11 @@ http: - contains(body, "rcversion") condition: and - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + extractors: - type: regex part: body diff --git a/http/cves/2025/CVE-2025-56266.yaml b/http/cves/2025/CVE-2025-56266.yaml index 4400b2ff9bb..203854d889c 100644 --- a/http/cves/2025/CVE-2025-56266.yaml +++ b/http/cves/2025/CVE-2025-56266.yaml @@ -21,9 +21,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: - type: dsl @@ -31,11 +33,10 @@ http: - 'contains_all(body, "Avigilon", "Access Control Manager")' internal: true - - method: GET - path: - - "{{BaseURL}}/" - headers: - Host: "{{randstr}}.tld" + - raw: + - | + GET / HTTP/1.1 + Host: {{randstr}}.tld matchers-condition: and matchers: diff --git a/http/cves/2025/CVE-2025-6934.yaml b/http/cves/2025/CVE-2025-6934.yaml index 00c5bf69cf8..340f7be83be 100644 --- a/http/cves/2025/CVE-2025-6934.yaml +++ b/http/cves/2025/CVE-2025-6934.yaml @@ -36,9 +36,10 @@ variables: email: "{{randstr}}@{{rand_base(5)}}.com" http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/exposures/files/vtigercrm-data-exposed.yaml b/http/exposures/files/vtigercrm-data-exposed.yaml index 131b265d654..f111476e1cb 100644 --- a/http/exposures/files/vtigercrm-data-exposed.yaml +++ b/http/exposures/files/vtigercrm-data-exposed.yaml @@ -17,9 +17,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/misconfiguration/directory-listing-no-host-header.yaml b/http/misconfiguration/directory-listing-no-host-header.yaml index 8278fbf1d71..5f04dd4271b 100644 --- a/http/misconfiguration/directory-listing-no-host-header.yaml +++ b/http/misconfiguration/directory-listing-no-host-header.yaml @@ -14,9 +14,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/imo/imo-rce.yaml b/http/vulnerabilities/imo/imo-rce.yaml index f10e916b44e..d15b4ff7a7f 100644 --- a/http/vulnerabilities/imo/imo-rce.yaml +++ b/http/vulnerabilities/imo/imo-rce.yaml @@ -20,9 +20,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + host-redirects: true max-redirects: 2 matchers: diff --git a/http/vulnerabilities/other/easycvr-arbitrary-file-read.yaml b/http/vulnerabilities/other/easycvr-arbitrary-file-read.yaml index 322288cfa6c..f2264b0df80 100644 --- a/http/vulnerabilities/other/easycvr-arbitrary-file-read.yaml +++ b/http/vulnerabilities/other/easycvr-arbitrary-file-read.yaml @@ -19,9 +19,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/other/elgg-sqli.yaml b/http/vulnerabilities/other/elgg-sqli.yaml index 7a894655849..89a56c728d4 100644 --- a/http/vulnerabilities/other/elgg-sqli.yaml +++ b/http/vulnerabilities/other/elgg-sqli.yaml @@ -20,9 +20,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml b/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml index 86ecbcb8e09..df005ff32cf 100644 --- a/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml +++ b/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml @@ -19,9 +19,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/other/fumengyun-sqli.yaml b/http/vulnerabilities/other/fumengyun-sqli.yaml index 3d40846c032..a0245f4f403 100644 --- a/http/vulnerabilities/other/fumengyun-sqli.yaml +++ b/http/vulnerabilities/other/fumengyun-sqli.yaml @@ -27,9 +27,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/other/mcms-search-xss.yaml b/http/vulnerabilities/other/mcms-search-xss.yaml index 45db7eb2066..e2e737e8396 100644 --- a/http/vulnerabilities/other/mcms-search-xss.yaml +++ b/http/vulnerabilities/other/mcms-search-xss.yaml @@ -30,9 +30,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/other/nsfocus-auth-bypass.yaml b/http/vulnerabilities/other/nsfocus-auth-bypass.yaml index 559c7152861..5761b5c05e3 100644 --- a/http/vulnerabilities/other/nsfocus-auth-bypass.yaml +++ b/http/vulnerabilities/other/nsfocus-auth-bypass.yaml @@ -17,9 +17,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true max-redirects: 2 matchers: diff --git a/http/vulnerabilities/other/raisecom-rce.yaml b/http/vulnerabilities/other/raisecom-rce.yaml index 65624549867..576ee036259 100644 --- a/http/vulnerabilities/other/raisecom-rce.yaml +++ b/http/vulnerabilities/other/raisecom-rce.yaml @@ -23,9 +23,10 @@ variables: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/other/xhibiter-nft-sqli.yaml b/http/vulnerabilities/other/xhibiter-nft-sqli.yaml index 0f13955fbfa..21d4f956c9b 100644 --- a/http/vulnerabilities/other/xhibiter-nft-sqli.yaml +++ b/http/vulnerabilities/other/xhibiter-nft-sqli.yaml @@ -18,9 +18,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/totolink-boaform-rce.yaml b/http/vulnerabilities/totolink-boaform-rce.yaml index 87ed701070d..49d9cacd5c9 100644 --- a/http/vulnerabilities/totolink-boaform-rce.yaml +++ b/http/vulnerabilities/totolink-boaform-rce.yaml @@ -19,9 +19,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl diff --git a/http/vulnerabilities/wordpress/ninja-forms-xss.yaml b/http/vulnerabilities/wordpress/ninja-forms-xss.yaml index 46596d79edb..3d1d081bc4e 100644 --- a/http/vulnerabilities/wordpress/ninja-forms-xss.yaml +++ b/http/vulnerabilities/wordpress/ninja-forms-xss.yaml @@ -30,9 +30,10 @@ info: flow: http(1) && http(2) && http(3) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/wordpress/vrview-xss.yaml b/http/vulnerabilities/wordpress/vrview-xss.yaml index 15a794c3680..005cd90214c 100644 --- a/http/vulnerabilities/wordpress/vrview-xss.yaml +++ b/http/vulnerabilities/wordpress/vrview-xss.yaml @@ -16,9 +16,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/wordpress/wp-finder-xss.yaml b/http/vulnerabilities/wordpress/wp-finder-xss.yaml index a2d87d6ebeb..95f40e20153 100644 --- a/http/vulnerabilities/wordpress/wp-finder-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-finder-xss.yaml @@ -18,9 +18,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/wordpress/wp-flagem-xss.yaml b/http/vulnerabilities/wordpress/wp-flagem-xss.yaml index deb79e23104..2bbd4f4744f 100644 --- a/http/vulnerabilities/wordpress/wp-flagem-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-flagem-xss.yaml @@ -19,9 +19,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/wordpress/wp-ninja-tables-lfi.yaml b/http/vulnerabilities/wordpress/wp-ninja-tables-lfi.yaml index 5df30aeb467..6c8e815c0bb 100644 --- a/http/vulnerabilities/wordpress/wp-ninja-tables-lfi.yaml +++ b/http/vulnerabilities/wordpress/wp-ninja-tables-lfi.yaml @@ -24,9 +24,11 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} + redirects: true matchers: diff --git a/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml b/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml index 905896fed4a..6e89453cf0f 100644 --- a/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml @@ -19,9 +19,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word diff --git a/http/vulnerabilities/wordpress/wp-vr-view-xss.yaml b/http/vulnerabilities/wordpress/wp-vr-view-xss.yaml index 0111cc8ebac..6341abb6f5b 100644 --- a/http/vulnerabilities/wordpress/wp-vr-view-xss.yaml +++ b/http/vulnerabilities/wordpress/wp-vr-view-xss.yaml @@ -16,9 +16,10 @@ info: flow: http(1) && http(2) http: - - method: GET - path: - - "{{BaseURL}}/" + - raw: + - | + GET / HTTP/1.1 + Host: {{Hostname}} matchers: - type: word