daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove Equal 

I noticed that some vulnerable sites were being missed out since it expected the site to have APP_* which isn't always the case
patch-1
Alfie Njeru 2021-04-07 23:11:57 +03:00 committed by GitHub
parent e2ae9342ee
commit 11dec8ac1b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
exposures/configs/laravel-env.yaml
View File

@ -4,7 +4,6 @@ info:
name: Laravel .env file name: Laravel .env file
author: pxmme1337 & dwisiswant0 & geeknik & emenalf author: pxmme1337 & dwisiswant0 & geeknik & emenalf
severity: medium severity: medium
tags: config,exposure
requests: requests:
- method: GET - method: GET
@ -18,11 +17,12 @@ requests:
- "{{BaseURL}}/.env.example" - "{{BaseURL}}/.env.example"
- "{{BaseURL}}/.env.stage" - "{{BaseURL}}/.env.stage"
- "{{BaseURL}}/.env.live" - "{{BaseURL}}/.env.live"
- "{{BaseURL}}/.env_1
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: regex - type: regex
regex: regex:
- "(?m)^APP_(NAME|ENV|KEY|DEBUG|URL)=" - "(NAME|ENV|KEY|DEBUG|URL|PASSWORD)"
- type: status - type: status
status: status:
- 200 - 200