nuclei-templates/http/exposures/logs/php-debug-bar.yaml

37 lines
899 B
YAML
Raw Normal View History

2021-05-09 06:29:35 +00:00
id: php-debug-bar
2021-05-09 06:29:35 +00:00
info:
name: PHP Debug Bar
2021-05-09 06:29:35 +00:00
author: dhiyaneshDk
2021-05-11 17:36:18 +00:00
severity: high
2023-03-27 08:38:23 +00:00
description: The PHP Debug Bar tool was discovered, which allows the attacker to obtain sensitive information, e.g. application configuration.
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: debug,logs,exposure
2021-05-09 06:29:35 +00:00
http:
2021-05-09 06:29:35 +00:00
- method: GET
path:
- "{{BaseURL}}/_debugbar/open?max=20&offset=0"
2021-05-11 17:36:18 +00:00
2021-05-09 06:29:35 +00:00
matchers-condition: and
matchers:
- type: status
status:
- 200
2021-05-11 17:36:18 +00:00
2021-05-09 06:29:35 +00:00
- type: word
words:
2021-05-11 17:36:18 +00:00
- '"id":"'
- '"datetime":'
- '"method"'
2021-05-09 06:29:35 +00:00
condition: and
2021-05-11 17:36:18 +00:00
part: body
- type: word
words:
- "application/json"
part: header
# digest: 490a00463044022068b3a15a270ab75d8ea93000b58c7267eec0abe01c12364e7ab118f5411757420220026b5389a6a9a296c9251a0c2a37211e9bfafad05b8e7e1e2aacd278ab86552c:922c64590222798bb761d5b6d8e72950