Merge pull request #4571 from nullfuzz-pentest/git-logs-exposure
Added git-logs-exposure Templatepatch-1
commit
1d19b2c0d7
|
@ -0,0 +1,33 @@
|
|||
id: git-logs-exposure
|
||||
|
||||
info:
|
||||
name: Git Logs Disclosure
|
||||
author: NullFuzz
|
||||
severity: Info
|
||||
description: Searches Git Logs files and passed URLs.
|
||||
tags: logs,git,exposure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/.git/logs/HEAD"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- "!contains(tolower(body), '<html')"
|
||||
- "!contains(tolower(body), '<body')"
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "application/octet-stream"
|
||||
|
||||
- type: regex
|
||||
regex:
|
||||
- '^([a-z0-9]+) '
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
Loading…
Reference in New Issue