nuclei-templates/exposures/configs/django-variables-exposed.yaml

id: django-variables-exposed

info:
  name: Exposed Django variables
  author: nobody
  severity: info
  description: Detects suspicious Django web application framework exceptions that could indicate exploitation attempts
  reference:
    - https://docs.djangoproject.com/en/1.11/ref/exceptions/
    - https://docs.djangoproject.com/en/1.11/topics/logging/#django-security
    - https://github.com/projectdiscovery/nuclei-templates/blob/master/file/logs/django-framework-exceptions.yaml
  metadata:
    verified: true
  tags: exposure,config,django

requests:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'seeing this error because you have <code>DEBUG = True</code>'
          - 'SuspiciousOperation'
          - 'DisallowedHost'
          - 'DisallowedModelAdminLookup'
          - 'DisallowedModelAdminToField'
          - 'DisallowedRedirect'
          - 'InvalidSessionKey'
          - 'RequestDataTooBig'
          - 'SuspiciousFileOperation'
          - 'SuspiciousMultipartForm'
          - 'SuspiciousSession'
          - 'TooManyFieldsSent'
          - 'PermissionDenied'
        condition: or

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 400
Update and rename exposed-django-variable.yaml to django-variables-exposed.yaml 2022-08-25 06:22:48 +00:00			`id: django-variables-exposed`
add django variables exposure template 2022-08-12 04:47:07 +00:00
			`info:`
Update and rename django-framework-exceptions-http.yaml to exposed-django-variable.yaml 2022-08-21 11:55:03 +00:00			`name: Exposed Django variables`
add django variables exposure template 2022-08-12 04:47:07 +00:00			`author: nobody`
Update and rename exposed-django-variable.yaml to django-variables-exposed.yaml 2022-08-25 06:22:48 +00:00			`severity: info`
Update django-framework-exceptions-http.yaml Remove trailing space 2022-08-20 15:57:42 +00:00			`description: Detects suspicious Django web application framework exceptions that could indicate exploitation attempts`
add django variables exposure template 2022-08-12 04:47:07 +00:00			`reference:`
Minor improvements 2022-08-20 08:29:01 +00:00			`- https://docs.djangoproject.com/en/1.11/ref/exceptions/`
			`- https://docs.djangoproject.com/en/1.11/topics/logging/#django-security`
			`- https://github.com/projectdiscovery/nuclei-templates/blob/master/file/logs/django-framework-exceptions.yaml`
Update and rename django-framework-exceptions-http.yaml to exposed-django-variable.yaml 2022-08-21 11:55:03 +00:00			`metadata:`
			`verified: true`
Update and rename exposed-django-variable.yaml to django-variables-exposed.yaml 2022-08-25 06:22:48 +00:00			`tags: exposure,config,django`
add django variables exposure template 2022-08-12 04:47:07 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- 'seeing this error because you have <code>DEBUG = True</code>'`
			`- 'SuspiciousOperation'`
			`- 'DisallowedHost'`
			`- 'DisallowedModelAdminLookup'`
			`- 'DisallowedModelAdminToField'`
			`- 'DisallowedRedirect'`
			`- 'InvalidSessionKey'`
			`- 'RequestDataTooBig'`
			`- 'SuspiciousFileOperation'`
			`- 'SuspiciousMultipartForm'`
			`- 'SuspiciousSession'`
			`- 'TooManyFieldsSent'`
			`- 'PermissionDenied'`
Update exposed-django-variable.yaml 2022-08-21 11:57:55 +00:00			`condition: or`
add django variables exposure template 2022-08-12 04:47:07 +00:00
			`- type: word`
			`part: header`
			`words:`
			`- "text/html"`
Update and rename django-framework-exceptions-http.yaml to exposed-django-variable.yaml 2022-08-21 11:55:03 +00:00
			`- type: status`
			`status:`
			`- 400`