| skipped 89 lines |
90 | 90 | | |
91 | 91 | | > 如果 rules 表达式都是 `||`关系,比如:r0() || r1() || r2() ... ,默认执行 `stop_if_match` 动作。同理,如果表达式都是 `&&` 关系,默认执行 `stop_if_mismatch` 动作。 |
92 | 92 | | |
| 93 | + | ### raw http |
| 94 | + | ```yaml |
| 95 | + | set: |
| 96 | + | hostname: request.url.host |
| 97 | + | rules: |
| 98 | + | r0: |
| 99 | + | request: |
| 100 | + | raw: | |
| 101 | + | GET .//WEB-INF/web.xml HTTP/1.1 |
| 102 | + | Host: {{hostname}} |
| 103 | + | User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0 |
| 104 | + | expression: response.status == 200 && response.body.bcontains(b'<web-app') && response.body.bcontains(b'</web-app>') && (response.raw_header.bcontains(b'application/xml') || response.raw_header.bcontains(b'text/xml')) |
| 105 | + | r1: |
| 106 | + | request: |
| 107 | + | raw: | |
| 108 | + | GET .//WEB-INF/weblogic.xml HTTP/1.1 |
| 109 | + | Host: {{hostname}} |
| 110 | + | User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0 |
| 111 | + | expression: response.status == 200 && response.body.bcontains(b'<weblogic-web-app') && response.body.bcontains(b'</weblogic-web-app>') && (response.raw_header.bcontains(b'application/xml') || response.raw_header.bcontains(b'text/xml')) |
| 112 | + | expression: r0() || r1() |
| 113 | + | ``` |
| 114 | + | raw: 顾名思义,支持原生 http 请求 |
93 | 115 | | # 免责声明 |
94 | 116 | | |
95 | 117 | | 本工具仅面向**合法授权**的企业安全建设行为,如您需要测试本工具的可用性,请自行搭建靶机环境。 |
| skipped 9 lines |