nuclei-templates/http/misconfiguration/laravel-debug-infoleak.yaml

54 lines
1.4 KiB
YAML
Raw Permalink Normal View History

2023-03-14 13:42:06 +00:00
id: laravel-debug-infoleak
2023-03-14 12:04:34 +00:00
info:
2023-03-17 11:21:52 +00:00
name: Laravel Debug Info Leak
2023-03-14 12:04:34 +00:00
author: pwnhxl
2023-03-17 11:21:52 +00:00
severity: medium
description: |
2023-03-17 12:07:29 +00:00
This template can be used to detect a Laravel debug information leak by making a POST-based request.
2023-03-14 12:04:34 +00:00
reference:
2023-03-17 11:26:14 +00:00
- https://github.com/dem0ns/improper/blob/master/laravel/5_debug/1.png
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cvss-score: 6.5
cwe-id: CWE-215
2023-03-14 12:04:34 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-10-14 11:27:55 +00:00
max-request: 1
2023-03-17 11:21:52 +00:00
shodan-query: Laravel-Framework
2023-03-14 13:42:06 +00:00
fofa-query: app="Laravel-Framework"
2023-03-17 11:21:52 +00:00
tags: misconfig,laravel,debug,infoleak
2023-03-14 12:04:34 +00:00
http:
2023-03-14 12:04:34 +00:00
- raw:
- |
2023-03-14 13:42:06 +00:00
POST / HTTP/1.1
2023-03-14 12:04:34 +00:00
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
2023-03-14 13:42:06 +00:00
part: body
2023-03-14 12:04:34 +00:00
words:
2023-03-17 11:21:52 +00:00
- 'vendor/laravel/framework/src/Illuminate/'
2023-03-14 13:42:06 +00:00
- 'MethodNotAllowedHttpException'
condition: and
2023-03-14 12:04:34 +00:00
- type: word
2023-03-14 13:42:06 +00:00
part: body
2023-03-14 12:04:34 +00:00
words:
2023-03-14 13:42:06 +00:00
- 'DB_PASSWORD'
- 'REDIS_PASSWORD'
- 'MAIL_PASSWORD'
- 'ALIYUN_ACCESSKEYSECRET'
- 'ALIYUN_ACCESSKEYID'
- 'SMS_AUTH_TOKEN'
- 'APP_KEY'
condition: or
2023-03-14 12:04:34 +00:00
- type: status
status:
2023-03-14 13:42:06 +00:00
- 405
# digest: 4a0a00473045022100efe35d703b8ce007284a549152d7642cbaa469dc719432098c9e359f0cdc9e5c02206f93a03a347968aef317624daa120c7827f1bdef918edeb7c5a7d9d50a968827:922c64590222798bb761d5b6d8e72950