daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update and rename django-framework-exceptions-http.yaml to exposed-django-variable.yaml

patch-1
Dhiyaneshwaran 2022-08-21 17:25:03 +05:30 committed by GitHub
parent 647f2649b3
commit 51f8d946da
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
exposures/configs/django-framework-exceptions-http.yaml → exposures/configs/exposed-django-variable.yaml
View File

@ -1,7 +1,7 @@
id: django-framework-exceptions-http
id: exposed-django-variable
info:
name: Exposed django variables
name: Exposed Django variables
author: nobody
severity: low
description: Detects suspicious Django web application framework exceptions that could indicate exploitation attempts
@ -9,6 +9,8 @@ info:
- https://docs.djangoproject.com/en/1.11/ref/exceptions/
- https://docs.djangoproject.com/en/1.11/topics/logging/#django-security
- https://github.com/projectdiscovery/nuclei-templates/blob/master/file/logs/django-framework-exceptions.yaml
metadata:
verified: true
tags: config,exposure,django
requests:
@ -33,13 +35,13 @@ requests:
- 'SuspiciousSession'
- 'TooManyFieldsSent'
- 'PermissionDenied'
condition: or
- type: status
status:
- 400
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 400