Create apache-filename-brute-force.yaml

2021-05-12 20:30:15 +00:00 · 2021-05-12 20:30:15 +00:00 · 00af677408
parent d63b9e1cb8
commit 00af677408
1 changed files with 29 additions and 0 deletions
--- a/misconfiguration/apache-filename-brute-force.yaml
+++ b/misconfiguration/apache-filename-brute-force.yaml
@ -0,0 +1,29 @@
+id: apache-filename-brute-force
+info:
+  name: Apache Filename Brute Force
+  author: geeknik
+  description: If the client provides an invalid Accept header, the server will respond with a 406 Not Acceptable error containing a pseudo directory listing.
+  reference: |
+    - https://hackerone.com/reports/210238
+    - https://www.acunetix.com/vulnerabilities/web/apache-mod_negotiation-filename-bruteforcing/
+  severity: low
+  tags: apache
+ 
+requests:
+  - method: GET
+    headers:
+      Accept: "fake/value"
+    path:
+      - "{{BaseURL}}/index"
+ 
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 406
+      - type: word
+        words:
+          - "Not Acceptable"
+          - "Available variants:"
+          - "<address>Apache Server at"
+        condition: and