nuclei-templates/exposures/configs/sftp-credentials-exposure.yaml

27 lines
488 B
YAML
Raw Normal View History

2021-02-20 14:18:06 +00:00
id: sftp-credentials-exposure
info:
name: SFTP credentials exposure
author: sheikhrishad
severity: medium
2021-02-20 14:18:44 +00:00
tags: config,ftp
2021-02-20 14:18:06 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/sftp-config.json"
2021-02-20 16:07:10 +00:00
- "{{BaseURL}}/ftpsync.settings"
2021-02-20 14:18:06 +00:00
matchers-condition: and
matchers:
- type: word
words:
- "file_permissions"
- "extra_list_connections"
2021-02-20 16:07:10 +00:00
- "password"
part: body
2021-02-20 14:18:06 +00:00
- type: status
status:
2021-02-20 16:07:10 +00:00
- 200