58 行
1.3 KiB
JSON
58 行
1.3 KiB
JSON
{
|
|
"steps": [
|
|
{
|
|
"kind": "runner",
|
|
"tool": "undici.ssrf",
|
|
"status": "completed",
|
|
"status_code": 200,
|
|
"result_path": "/Users/x/websafe/06-case-studies/generated-runs/undici-undici--CVE-2022-32210-20260318040238/logs/attack.json"
|
|
}
|
|
],
|
|
"success": true,
|
|
"detail": "server-side callback reached the local sink",
|
|
"before": {},
|
|
"attack": {
|
|
"status_code": 200,
|
|
"ok": true,
|
|
"body": {
|
|
"ok": true,
|
|
"detail": "server-side callback reached the local sink",
|
|
"case_id": "undici--CVE-2022-32210"
|
|
}
|
|
},
|
|
"after": {},
|
|
"proof": {
|
|
"status_code": 200,
|
|
"ok": true,
|
|
"body": {
|
|
"success": true,
|
|
"detail": "server-side callback reached the local sink",
|
|
"case_id": "undici--CVE-2022-32210",
|
|
"sink_hits": 1,
|
|
"uploads": [],
|
|
"events": [
|
|
{
|
|
"event": "seed",
|
|
"detail": "undici--CVE-2022-32210"
|
|
},
|
|
{
|
|
"event": "sink-hit",
|
|
"detail": "case_id=undici--CVE-2022-32210"
|
|
},
|
|
{
|
|
"event": "attack",
|
|
"detail": "server-side callback reached the local sink"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"assertions": [
|
|
{
|
|
"name": "proof-success",
|
|
"kind": "runner-proof",
|
|
"passed": true,
|
|
"detail": "server-side callback reached the local sink"
|
|
}
|
|
]
|
|
}
|