nuclei-templates/http/misconfiguration/root-path-disclosure.yaml

38 lines
1.0 KiB
YAML
Raw Normal View History

2024-09-04 14:34:46 +00:00
id: root-path-disclosure
info:
name: ROOT - Path Disclosure
author: soltanali0,ArganexEmad
severity: high
description: |
Detects potential exposure of sensitive file paths like /000~ROOT~000/.
metadata:
verified: true
max-request: 4
2024-10-15 08:01:52 +00:00
tags: misconfig,exposure,info-leak,listing,lfr
2024-09-04 14:34:46 +00:00
http:
- method: GET
path:
- "{{BaseURL}}/home/000~ROOT~000/etc/passwd"
- "{{BaseURL}}/000~ROOT~000/etc/passwd"
- "{{BaseURL}}/OLDS/home/000~ROOT~000/etc/passwd"
- "{{BaseURL}}/app/webroot/files/kcfinder/files/home/000~ROOT~000/etc/passwd"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: regex
part: body
regex:
2024-10-08 09:23:11 +00:00
- "^root:.*:0:0:"
- type: regex
part: accept_ranges
regex:
- "bytes"
2024-09-04 14:34:46 +00:00
- type: status
status:
- 200
2024-10-15 09:04:47 +00:00
# digest: 4b0a004830460221009b4e9101d1f7d2ca2655255b58fa8200358289497f1a6093cb49884816de63b6022100f2a74c6c7829b157266e4cd4ddd96d1cffdc08ab963db579b0d18b3697d16919:922c64590222798bb761d5b6d8e72950