Update django-secret-key.yaml
parent
ceaa145f58
commit
24678f6217
|
@ -1,14 +1,14 @@
|
|||
id: django-secret-key
|
||||
|
||||
info:
|
||||
name: Django Secret Key
|
||||
name: Django Secret Key Exposure
|
||||
author: geeknik,DhiyaneshDk
|
||||
severity: high
|
||||
reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
|
||||
tags: django,exposure
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: html:settings.py
|
||||
tags: django,exposure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
@ -19,17 +19,28 @@ requests:
|
|||
- "{{BaseURL}}/settings/settings.py"
|
||||
- "{{BaseURL}}/web/settings/settings.py"
|
||||
|
||||
stop-at-first-match: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "SECRET_KEY ="
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "text/html"
|
||||
negative: true
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
part: body
|
||||
group: 1
|
||||
regex:
|
||||
- '"DJANGO_SECRET_KEY", "(.*)"'
|
||||
|
|
Loading…
Reference in New Issue