daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create firebase-urls.yaml

patch-1
Dhiyaneshwaran 2021-06-06 19:38:51 +05:30 committed by GitHub
parent e69eb970f4
commit 52adac2e12
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
misconfiguration/firebase-urls.yaml Normal file
View File

@ -0,0 +1,27 @@
id: firebase-urls
info:
name: Find firebaseio urls to check for security permissions
author: panch0r3d
severity: info
requests:
- method: GET
path:
- "{{BaseURL}}/"
redirects: true
max-redirects: 5
headers:
User-Agent: "Mozilla UACanary12345"
matchers-condition: and
matchers:
- type: regex
regex:
- ".*?(f|F)(i|I)(r|R)(e|E)(b|B)(a|A)(s|S)(e|E)(i|I)(o|O)[.](c|C)(o|O)(m|M).*?"
part: body
extractors:
- type: regex
part: body
regex:
- "([^]|[']|[ ]|[:]|http)*(f|F)(i|I)(r|R)(e|E)(b|B)(a|A)(s|S)(e|E)(i|I)(o|O)[.](c|C)(o|O)(m|M).*?([\r\n]|[}]|[,]|[>]|[-]|[ ]|['])"
- "([^]|[']|[ ]|[:]|http)*(d|D)(a|A)(t|T)(a|A)(b|B)(a|A)(s|S)(e|E).*?([\r\n]|[}]|[,]|[>]|[-]|[ ]|['])"