nuclei-templates/http/misconfiguration/rack-mini-profiler.yaml

26 lines
758 B
YAML
Raw Normal View History

2020-06-01 18:47:29 +00:00
id: rack-mini-profiler
info:
name: rack-mini-profiler - Environment Information Disclosure
author: vzamanillo
severity: high
description: rack-mini-profiler is prone to environmental information disclosure which could help an attacker formulate additional attacks.
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: config,debug,rails,misconfig
http:
- method: GET
path:
- "{{BaseURL}}/?pp=env"
2020-07-11 06:32:02 +00:00
matchers-condition: and
matchers:
- type: word
words:
- "Rack Environment"
2022-04-26 21:36:21 +00:00
- type: status
status:
- 200
# digest: 490a004630440220013a9738b2902ee1c439bc423dcb7582a024293cfb30854ccbdb45f03b341d4d0220749e9f34c86797db2f41037959f1a54cb8f7d8cf8576d26dfe0c675eb46aec73:922c64590222798bb761d5b6d8e72950