nuclei-templates/http/misconfiguration/mixed-passive-content.yaml

53 lines
1.6 KiB
YAML
Raw Normal View History

id: mixed-passive-content
info:
name: Mixed Passive Content
author: Liwermor
severity: info
description: |
This check detects if there are any passive content being loaded over HTTP instead of HTTPS.
reference:
- https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content
- https://portswigger.net/kb/issues/01000400_mixed-content
- https://resources.infosecinstitute.com/topics/vulnerabilities/https-mixed-content-vulnerability/
- https://docs.gitlab.com/ee/user/application_security/dast/checks/319.1.html
metadata:
max-request: 1
tags: misconfig
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 3
matchers-condition: or
matchers:
- type: regex
part: body
name: img
regex:
- "<img[^>]*src=['\"]http://[^'\">]+['\"]"
- type: regex
part: body
name: audio
regex:
- "<audio[^>]*src=['\"]http://[^'\">]+['\"]"
- type: regex
part: body
name: video
regex:
- "<video[^>]*src=['\"]http://[^'\">]+['\"]"
extractors:
- type: regex
group: 1
part: body
regex:
- "<img[^>]*src=['\"](http[^s'\">][^'\">]*)['\"]"
- "<audio[^>]*src=['\"](http[^s'\">][^'\">]*)['\"]"
- "<video[^>]*src=['\"](http[^s'\">][^'\">]*)['\"]"
# digest: 490a0046304402204a796871e61ae1baa4e0b74a3107bc7e4d3c341145260548fb4b918e7defaa9a022037e90ad6f9697948bf47fde5d629eaf68f72b72816511c15909802a191b91881:922c64590222798bb761d5b6d8e72950