Merge pull request #8390 from 0xPugazh/main

Update wordpress-accessible-wpconfig.yaml
2023-10-17 11:38:16 +05:30 · 2023-10-17 11:38:16 +05:30 · 064f94089c
parent a5ce59f756 05168225d3
commit 064f94089c
1 changed files with 14 additions and 6 deletions
--- a/http/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
+++ b/http/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
@ -2,7 +2,7 @@ id: wordpress-accessible-wpconfig

 info:
  name: WordPress wp-config Detection
-  author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess
+  author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess,0xpugazh
  severity: medium
  description: WordPress `wp-config` was discovered. This file is remotely accessible and its content available for reading.
  classification:
@ -10,7 +10,7 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
-    max-request: 25
+    max-request: 27
  tags: wordpress,backup

 http:
@ -41,10 +41,15 @@ http:
      - '{{BaseURL}}/wp-config.php.original'
      - '{{BaseURL}}/wp-config.backup'
      - '{{BaseURL}}/_wpeprivate/config.json'
+      - '{{BaseURL}}/config.php.zip'
+      - '{{BaseURL}}/config.php.tar.gz'
+      - '{{BaseURL}}/config.php.new'
+      - '{{BaseURL}}/common/config.php.new'
+      - '{{BaseURL}}/wp-config.php.bk'

    stop-at-first-match: true

-    matchers-condition: and
+    matchers-condition: or
    matchers:
      - type: word
        words:
@ -53,6 +58,9 @@ http:
        part: body
        condition: and

-      - type: status
-        status:
-          - 200
+      - type: word
+        part: body
+        words:
+          - "DBNAME"
+          - "PASSWORD"
+        condition: and