nuclei-templates/http/exposures/files/composer-auth-json.yaml

32 lines
678 B
YAML
Raw Normal View History

2022-07-06 21:36:30 +00:00
id: composer-auth-json
info:
name: Composer-auth Json File Disclosure
author: DhiyaneshDK
severity: low
reference: https://www.exploit-db.com/ghdb/5768
metadata:
max-request: 2
2022-07-06 21:36:30 +00:00
verified: true
google-query: intext:"index of /" ".composer-auth.json"
2022-10-13 10:12:07 +00:00
tags: exposure,devops,files
2022-07-06 21:36:30 +00:00
http:
2022-07-06 21:36:30 +00:00
- method: GET
path:
- "{{BaseURL}}/.composer-auth.json"
- "{{BaseURL}}/vendor/webmozart/assert/.composer-auth.json"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
words:
- 'github-oauth'
- 'github.com'
condition: and
- type: status
status:
- 200