add Hard-coded IP

FeeiCN · Aug 11, 2017 · 8a217ca · 8a217ca
1 parent 3b169cd
commit 8a217ca
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/rules/CVI-130005.xml b/rules/CVI-130005.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<cobra document="https://github.com/wufeifei/cobra">
+    <name value="硬编码IP"/>
+    <language value="*"/>
+    <match mode="regex-only-match"><![CDATA[((25[0-5]|2[0-4][0-9]|[01]?[0-9]{2}?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))]]></match>
+    <level value="4"/>
+    <solution>
+        ## 安全风险
+        硬编码IP
+
+        ## 修复方案
+        移到配置文件中
+    </solution>
+    <test>
+        <case assert="true"><![CDATA[192.168.1.1]]></case>
+        <case assert="true"><![CDATA[127.0.0.1]]></case>
+        <case assert="true"><![CDATA[103.21.140.84]]></case>
+        <case assert="true"><![CDATA[10.11.2.220]]></case>
+        <case assert="true"><![CDATA[14.0.0.0]]></case>
+        <case assert="true"><![CDATA[192.168.1.1]]></case>
+
+        <case assert="false"><![CDATA[1.2.3.4]]></case>
+        <case assert="false"><![CDATA[13.11.2]]></case>
+        <case assert="false"><![CDATA[3.3.0.1]]></case>
+        <case assert="false"><![CDATA[1.0.1.0]]></case>
+        <case assert="false"><![CDATA[1.4.16.0]]></case>
+        <case assert="false"><![CDATA[1.204.0.0]]></case>
+    </test>
+    <status value="on"/>
+    <author name="Feei" email="[email protected]"/>
+</cobra>
diff --git a/tests/vulnerabilities/v.php b/tests/vulnerabilities/v.php
@@ -9,6 +9,9 @@
 $password = $_POST['password'];
 $callback = $_POST['callback'];
 
+# CVI-130005
+$target = "10.11.2.220";
+
 $cmd = $_REQUEST['a']
 
 print($callback);