nuclei workflow

[ody5sey]

Please describe your feature request:
I want to send two request, If first request not match, Do not send second request

the template how to write?

[princechaddha]

If you do not want to send the second request when the first is not matched, you can use the flow in the templates. You can read more about it at Flow Documentation.

Example: CVE-2021-28164

id: CVE-2021-28164

info:
  name: Eclipse Jetty - Information Disclosure
  author: noamrathaus
  severity: medium
  description: |
    Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224 is susceptible to improper authorization. The default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. An attacker can access sensitive information regarding the implementation of a web application.
  tags: packetstorm,vulhub,cve,cve2021,jetty,exposure

flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}/WEB-INF/web.xml"

    matchers:
      - type: dsl
        dsl:
          - "!contains_all(body, '</web-app>', 'java.sun.com')"
          - "!contains_all(header, 'application/xml')"
          - "status_code != 200"
          - "status_code != 404"
        condition: and

  - method: GET
    path:
      - "{{BaseURL}}/%2e/WEB-INF/web.xml"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "contains_all(body, '</web-app>', 'java.sun.com')"
          - "contains_all(header, 'application/xml')"
          - "status_code == 200"
        condition: and

# digest: 4b0a00483046022100fb979fa172a435357569cec19a73c11f50c79b436a1c2c5b9ad519095521cd8b022100f31ff912801a85890d5f6f2eb8e47975a5e5d526264965cb6d66593a39245e25:922c64590222798bb761d5b6d8e72950

[princechaddha]

@ody5sey You can ask for help related to templates in the nuclei-templates channel on our Discord. You can join our Discord server from here. It's a great place to connect with fellow contributors and stay updated with the latest developments.