Update service-pwd-expose.yaml
parent
6ff85169c3
commit
4d2d1f35d6
|
@ -1,26 +1,23 @@
|
|||
id: service-pwd-expose
|
||||
info:
|
||||
name: Service and conf file exposer
|
||||
name: Service password file
|
||||
author: pussycat0x
|
||||
severity: info
|
||||
description: Searches for sensitive .cnf, .pwd files.
|
||||
severity: high
|
||||
description: Searches for sensitive service.pwd file.
|
||||
reference: https://www.exploit-db.com/ghdb/7256
|
||||
tags: exposure,listing
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/_vti_pvt/"
|
||||
- "{{BaseURL}}/_vti_pvt/service.pwd"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "Index of"
|
||||
- "_vti_pvt"
|
||||
- "service.pwd"
|
||||
- "cnf"
|
||||
condition: and
|
||||
- "# -FrontPage-"
|
||||
part: body
|
||||
|
||||
- type: status
|
||||
status:
|
||||
|
|
Loading…
Reference in New Issue