From f9ab06dd401754cba69805cb30ef1e19919390e8 Mon Sep 17 00:00:00 2001
From: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
Date: Sat, 26 Dec 2020 23:18:55 +0530
Subject: [PATCH 1/2] Create jenkins-stack-trace.yaml
---
 jenkins-stack-trace.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 jenkins-stack-trace.yaml
diff --git a/jenkins-stack-trace.yaml b/jenkins-stack-trace.yaml
new file mode 100644
index 0000000000..bd98554060
--- /dev/null
+++ b/jenkins-stack-trace.yaml
@@ -0,0 +1,28 @@
+id: jenkins-stack-traces
+
+info:
+ name: Detect Jenkins in Debug Mode with Stack Traces Enabled
+ author: twitter.com/Dheerajmadhukar
+ severity: low
+ description: Module identified that the affected host is running an instance of Jenkins in debug mode, as a result stack traces are enabled.
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/adjuncts/3a890183/"
+ headers:
+ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
+ Accept-Encoding: gzip, deflate
+ Accept-Language: en-US,en;q=0.9,hi;q=0.8
+ User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Stack trace"
+ - "java.lang.StringIndexOutOfBoundsException"
+ - "String index out of range"
+ part: body
+ - type: status
+ status:
+ - 500
+ part: header
From 475ea04dee4ea5f5dc5f3ac16f334854e5fc3ba7 Mon Sep 17 00:00:00 2001
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com>
Date: Sat, 26 Dec 2020 23:56:12 +0530
Subject: [PATCH 2/2] moving folders
---
 .../jenkins-stack-trace.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
 rename jenkins-stack-trace.yaml => security-misconfiguration/jenkins-stack-trace.yaml (93%) 
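Review bot: The `headers` block of the new template (PATCH 1/2) pins a complete browser fingerprint (Accept, Accept-Encoding, Accept-Language and a Chrome 87 mobile User-Agent) that neither matcher appears to depend on, so it adds maintenance weight without tightening the check. The explicit `Accept-Encoding: gzip, deflate` is the one worth testing: if the engine does not decode the response itself, the `part: body` word matcher would run against compressed bytes and miss an affected host. Unless the 500 response is shown to require these headers, I would drop the whole `headers:` mapping. The `id` (`jenkins-stack-traces`) also differs from the file name (`jenkins-stack-trace.yaml`), which makes the template harder to locate by id.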
diff --git a/jenkins-stack-trace.yaml b/security-misconfiguration/jenkins-stack-trace.yaml
similarity index 93%
rename from jenkins-stack-trace.yaml
rename to security-misconfiguration/jenkins-stack-trace.yaml
index bd98554060..c55c472c61 100644
--- a/jenkins-stack-trace.yaml
+++ b/security-misconfiguration/jenkins-stack-trace.yaml
@@ -5,24 +5,27 @@ info:
 author: twitter.com/Dheerajmadhukar
 severity: low
 description: Module identified that the affected host is running an instance of Jenkins in debug mode, as a result stack traces are enabled.
+ reference: https://hackerone.com/reports/221833
+
 requests:
 - method: GET
 path:
 - "{{BaseURL}}/adjuncts/3a890183/"
+
 headers:
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
 Accept-Encoding: gzip, deflate
 Accept-Language: en-US,en;q=0.9,hi;q=0.8
 User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36
+
 matchers-condition: and
 matchers:
 - type: word
 words:
- - "Stack trace"
 - "java.lang.StringIndexOutOfBoundsException"
 - "String index out of range"
 part: body
+ condtion: and
 - type: status
 status:
 - 500
- part: header
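Review bot: The key added under the word matcher is spelled `condtion: and`, so the intended AND over the two remaining strings is probably not applied; it should read `condition: and`. Depending on how strictly the template is parsed, the misspelled key is either ignored, leaving the word list on its default condition so that a 500 response containing just one of the strings is reported, or the template fails to load. Either outcome weakens the check this commit is trying to tighten by dropping the generic `"Stack trace"` word. A one-line comment above `matchers:` stating that both exception strings and the 500 status are required would make the intent explicit.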