erebus-templates icon indicating copy to clipboard operation
erebus-templates copied to clipboard

Published 20 hours ago verified publisher icon ethicalhackingplayground

Support for regex and multiple status code

Open hax0rgb opened this issue 3 years ago • 1 comments

It appears erebus does not support multiple status codes.

template:
   name: open-redirect
   severity: low
   author: gaurang
   description: Open Redirect

request:
   payloads: 
      - 'https://www.example.com'

   paths: false
response:
   statusCode: 
      - 301
      - 302
   patterns: 
      - 'Location: https://www.example.com'

The above template was validated using YAML Lint.

Running the above template, return the following error:

[ERR] yaml: unmarshal errors:
  line 14: cannot unmarshal !!seq into int
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x160862b]

Is there a template guide to create erebus templates?

Also, I believe regex isn't supported yet. The best way to match Open redirect pattern is by using regex.

hax0rgb avatar Aug 16 '21 06:08 hax0rgb