nuclei-templates/http/exposures/logs/php-debug-bar.yaml

35 lines
706 B
YAML
Raw Normal View History

2021-05-09 06:29:35 +00:00
id: php-debug-bar
2021-05-09 06:29:35 +00:00
info:
name: PHP Debug Bar
2021-05-09 06:29:35 +00:00
author: dhiyaneshDk
2021-05-11 17:36:18 +00:00
severity: high
2023-03-27 08:38:23 +00:00
description: The PHP Debug Bar tool was discovered, which allows the attacker to obtain sensitive information, e.g. application configuration.
2021-05-11 17:36:18 +00:00
tags: debug,logs,exposure
metadata:
max-request: 1
2021-05-09 06:29:35 +00:00
http:
2021-05-09 06:29:35 +00:00
- method: GET
path:
- "{{BaseURL}}/_debugbar/open?max=20&offset=0"
2021-05-11 17:36:18 +00:00
2021-05-09 06:29:35 +00:00
matchers-condition: and
matchers:
- type: status
status:
- 200
2021-05-11 17:36:18 +00:00
2021-05-09 06:29:35 +00:00
- type: word
words:
2021-05-11 17:36:18 +00:00
- '"id":"'
- '"datetime":'
- '"method"'
2021-05-09 06:29:35 +00:00
condition: and
2021-05-11 17:36:18 +00:00
part: body
- type: word
words:
- "application/json"
part: header