nuclei-templates/security-misconfiguration/wamp-xdebug-detect.yaml

20 lines
514 B
YAML
Raw Normal View History

2020-08-03 03:44:37 +00:00
id: wamp-xdebug-detect
info:
name: WAMP xdebug
author: e_schultze_
severity: info
2020-08-03 06:09:41 +00:00
# Inspired on https://github.com/random-robbie/My-Shodan-Scripts/blob/1b01bceecc9be0b74b202f445874920eee48bba5/wamp-xdebug/wamp-xdebug.py
# Goal: detect if xdebug.remote_connect_back is enabled
2020-08-03 03:44:37 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/?phpinfo=-1"
matchers:
- type: word
words:
- 'xdebug.remote_connect_back</td><td class="v">On</td><td class="v">On</td>'
part: body