nuclei-templates/http/exposures/files/django-secret-key.yaml

51 lines
1.4 KiB
YAML
Raw Normal View History

2022-06-05 21:05:46 +00:00
id: django-secret-key
info:
2022-06-06 11:52:25 +00:00
name: Django Secret Key Exposure
author: geeknik,DhiyaneshDk
2022-06-05 21:05:46 +00:00
severity: high
description: The Django settings.py file containing a secret key was discovered. An attacker may use the secret key to bypass many security mechanisms and potentially obtain other sensitive configuration information (such as database password) from the settings file.
2022-06-05 21:05:46 +00:00
reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
metadata:
verified: true
2023-10-14 11:27:55 +00:00
max-request: 5
2022-06-05 21:05:46 +00:00
shodan-query: html:settings.py
2022-10-13 10:12:07 +00:00
tags: django,exposure,files
2022-06-05 21:05:46 +00:00
http:
2022-06-05 21:05:46 +00:00
- method: GET
path:
- "{{BaseURL}}/settings.py"
- "{{BaseURL}}/app/settings.py"
- "{{BaseURL}}/django/settings.py"
- "{{BaseURL}}/settings/settings.py"
- "{{BaseURL}}/web/settings/settings.py"
2022-06-06 11:52:25 +00:00
stop-at-first-match: true
2023-10-14 11:27:55 +00:00
2022-06-05 21:05:46 +00:00
matchers-condition: and
matchers:
- type: word
part: body
words:
- "SECRET_KEY ="
2022-06-06 11:52:25 +00:00
2022-06-05 21:05:46 +00:00
- type: word
part: header
words:
- "text/html"
negative: true
2022-06-06 11:52:25 +00:00
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '"DJANGO_SECRET_KEY", "(.*)"'
# digest: 4b0a00483046022100ee698b610a4093e54131c56890fc37e0a997d59e5485ab8450e0370d618019e2022100b70476a9edb09a2f441223350ef9467376345e4f1edd19e27c1e53f1c1566e40:922c64590222798bb761d5b6d8e72950