nuclei-templates/miscellaneous/dir-listing.yaml

32 lines
706 B
YAML
Raw Normal View History

id: dir-listing
info:
name: Directory listing enabled
2021-06-09 12:20:56 +00:00
author: _harleo,pentest_swissky
2020-08-03 21:52:00 +00:00
severity: info
reference:
- https://portswigger.net/kb/issues/00600100_directory-listing
2021-08-11 07:59:46 +00:00
tags: misc,generic
requests:
- method: GET
2020-05-25 08:02:27 +00:00
path:
2021-01-13 07:31:46 +00:00
- "{{BaseURL}}"
2022-01-28 10:24:49 +00:00
matchers:
- type: word
2022-12-09 06:51:06 +00:00
part: body
2020-05-25 08:02:27 +00:00
words:
2022-12-09 06:51:06 +00:00
- "Directory listing for "
2020-04-09 12:44:55 +00:00
- "Index of /"
- "[To Parent Directory]"
- "Directory: /"
2022-12-09 06:51:06 +00:00
condition: or
- type: regex
part: body
regex:
- '\d{1,2}\/\d{1,2}\/\d{4}\s+\d+:\d+\s+[\sAPM]+(&lt;dir&gt;|\d+)\s+<[Aa]\s+[hH][rR][eE][fF]="\/'
- '\s+-\s+\/<\/(title|h1)>'
condition: and