matcher updates

2021-07-24 03:03:31 +05:30 · 2021-07-24 03:03:31 +05:30 · 1ea3b8a8bf
parent 9788ebbf27
commit 1ea3b8a8bf
2 changed files with 13 additions and 10 deletions
--- a/exposures/configs/kubernetes-kustomization-disclosure.yaml
+++ b/exposures/configs/kubernetes-kustomization-disclosure.yaml
@ -14,19 +14,22 @@ requests:

    matchers-condition: and
    matchers:
-      - type: regex
-        regex:
-          - "(?m)^\\s*apiVersion\\s*:\\s*kustomize\\.config"
-          - "(?mi)^\\s*kind\\s*:\\s*Kustomization"
-          - "(?m)^\\scommonLabels\\s*:"
-          - "(?m)^\\sresources\\s*:"
-          - "(?m)^\\snamespace\\s*:"
+      - type: word
        part: body
+        condition: or
+        words:
+          - "apiVersion:"
+          - "resources:"
+          - "namespace:"
+          - "commonLabels:"
+          - "Kustomization"

      - type: word
+        part: body
+        condition: or
        words:
-          - "Content-Type: application/yaml"
-        part: header
+          - "yaml"
+          - "yml"

      - type: status
        status:
--- a/exposures/files/php-user-ini-disclosure.yaml
+++ b/exposures/files/php-user-ini-disclosure.yaml
@ -5,7 +5,7 @@ info:
  author: dhiyaneshDk
  severity: medium
  reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/php-user-ini-disclosure.json
-  tags: exposure,files
+  tags: exposure,config

 requests:
  - method: GET