From 6fb966568f69fd8fa0d120f8a32152e53b515048 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sat, 11 Jun 2022 08:04:11 +0100
Subject: [PATCH 01/15] Create karma-configuration-file.yaml
---
.../configs/karma-configuration-file.yaml | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 exposures/configs/karma-configuration-file.yaml
diff --git a/exposures/configs/karma-configuration-file.yaml b/exposures/configs/karma-configuration-file.yaml
new file mode 100644
index 0000000000..0af2fbe4b8
--- /dev/null
+++ b/exposures/configs/karma-configuration-file.yaml
@@ -0,0 +1,29 @@
+id: karma-configuration-file
+
+info:
+ name: Karma Configuration File Exposure
+ author: DhiyaneshDk
+ severity: medium
+ metadata:
+ verified: true
+ shodan-query: "karma.conf.js"
+ tags: config,exposure,devops
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/.appveyor.yml"
+ - "{{BaseURL}}/appveyor.yml"
+
+ stop-at-first-match: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "install:"
+ - "test_script:"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From 91d5588e5e67e7fd97d2b6658b2b95ffe9e69730 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sat, 11 Jun 2022 08:04:58 +0100
Subject: [PATCH 02/15] Update and rename karma-configuration-file.yaml to appveyor-configuration-file.yaml
---
...iguration-file.yaml => appveyor-configuration-file.yaml} | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
rename exposures/configs/{karma-configuration-file.yaml => appveyor-configuration-file.yaml} (80%)
diff --git a/exposures/configs/karma-configuration-file.yaml b/exposures/configs/appveyor-configuration-file.yaml
similarity index 80%
rename from exposures/configs/karma-configuration-file.yaml
rename to exposures/configs/appveyor-configuration-file.yaml
index 0af2fbe4b8..c14556da9f 100644
--- a/exposures/configs/karma-configuration-file.yaml
+++ b/exposures/configs/appveyor-configuration-file.yaml
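Review bot: The word matcher in karma-configuration-file.yaml (01/15, renamed to appveyor-configuration-file.yaml in 02/15) reads only the response body, so any 200 page that contains both `install:` and `test_script:` is reported as an exposed file, including an HTML documentation page or a catch-all page that echoes content. The templates added in 03/15 through 08/15 have the same body-plus-status shape, and 14/15 and 15/15 later add a negative header matcher to only two templates of the series. Adding that guard here ties the finding to a raw file being served rather than to a page that mentions it.

```yaml
    matchers:
      # … unchanged: word matcher on "install:" and "test_script:" …

      - type: word
        part: header
        words:
          - "text/html"
        negative: true

      # … unchanged: status matcher …
```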
@@ -1,12 +1,12 @@ -id: karma-configuration-file +id: appveyor-configuration-file info: - name: Karma Configuration File Exposure + name: AppVeyor Configuration Exposure author: DhiyaneshDk severity: medium metadata: verified: true - shodan-query: "karma.conf.js" + shodan-query: html:"appveyor.yml" tags: config,exposure,devops requests: From 988f30ff78c7663fff8563d586f6c568ca208a96 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 11 Jun 2022 08:09:39 +0100 Subject: [PATCH 03/15] Create karma-config-js.yaml --- exposures/configs/karma-config-js.yaml | 29 ++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposures/configs/karma-config-js.yaml diff --git a/exposures/configs/karma-config-js.yaml b/exposures/configs/karma-config-js.yaml new file mode 100644 index 0000000000..4205151280 --- /dev/null +++ b/exposures/configs/karma-config-js.yaml @@ -0,0 +1,29 @@ +id: karma-conf-js + +info: + name: Karma Configuration File Exposure + author: DhiyaneshDk + severity: medium + metadata: + verified: true + shodan-query: html:"karma.conf.js" + tags: config,exposure,devops + +requests: + - method: GET + path: + - "{{BaseURL}}/.config/karma.conf.js" + - "{{BaseURL}}/karma.conf.js" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - "// Karma configuration" + - "module.exports" + condition: and + + - type: status + status: + - 200 From cc378bbbd97ef2d619294c1e1afb4a2394890ee7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 11 Jun 2022 23:42:13 +0100 Subject: [PATCH 04/15] Create phpunit-result-cache-exposure.yaml --- .../files/phpunit-result-cache-exposure.yaml | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposures/files/phpunit-result-cache-exposure.yaml diff --git a/exposures/files/phpunit-result-cache-exposure.yaml b/exposures/files/phpunit-result-cache-exposure.yaml new file mode 100644 index 0000000000..eef6e56384 --- /dev/null 
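Review bot: The template id `karma-conf-js` in 03/15 does not match its file name `karma-config-js.yaml`, while every other template in this series uses the file name as its id. Results, exclusion lists and suppressions are keyed on the id, so the mismatch makes the template harder to find and filter; `id: karma-config-js` (or renaming the file) would align them. Separately, `severity: medium` looks high for a test-runner configuration unless the file is expected to carry credentials, so it is worth confirming against the `info`/`low` ratings used for the comparable templates here.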
+++ b/exposures/files/phpunit-result-cache-exposure.yaml
@@ -0,0 +1,27 @@
+id: phpunit-result-cache-exposure
+
+info:
+ name: PHPUnit Result Cache File Exposure
+ author: DhiyaneshDk
+ severity: low
+ metadata:
+ verified: true
+ shodan-query: ".phpunit.result.cache"
+ tags: config,exposure,devops
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/.phpunit.result.cache"
+
+ matchers-condition: and
+
+ matchers:
+ - type: word
+ words:
+ - '"defects"'
+ condition: and
+
+ - type: status
+ status:
+ - 200
From f1d28e65ffc4b76ab852c89795238c488ded5694 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sat, 11 Jun 2022 23:54:08 +0100
Subject: [PATCH 05/15] Create styleci-yml-disclosure.yaml
---
exposures/files/styleci-yml-disclosure.yaml | 29 +++++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 exposures/files/styleci-yml-disclosure.yaml
diff --git a/exposures/files/styleci-yml-disclosure.yaml b/exposures/files/styleci-yml-disclosure.yaml
new file mode 100644
index 0000000000..dcfc5aa6bf
--- /dev/null
+++ b/exposures/files/styleci-yml-disclosure.yaml
@@ -0,0 +1,29 @@
+id: styleci-yml-disclosure
+
+info:
+ name: StyleCi Yaml File Disclosure
+ author: DhiyaneshDk
+ severity: info
+ metadata:
+ verified: true
+ shodan-query: ".styleci.yml"
+ tags: config,exposure,devops
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/.styleci.yml"
+
+ matchers-condition: and
+
+ matchers:
+ - type: word
+ words:
+ - "php"
+ - "preset"
+ - "disabled"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From f92969bc27281a1df4e8d05bfc52cddca3b343bc Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sun, 12 Jun 2022 00:11:02 +0100
Subject: [PATCH 06/15] Create webpack-mix-js.yaml
---
exposures/files/webpack-mix-js.yaml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 exposures/files/webpack-mix-js.yaml
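Review bot: The only body check in phpunit-result-cache-exposure.yaml (04/15) is the single token `"defects"`, so any 200 response carrying that key is reported, for example a JSON body returned by a catch-all route. A second word under the existing `condition: and` would tighten it. PHPUnit's result cache normally also stores a `times` map, so `- '"times"'` is a candidate, to be confirmed against a sample file before merging.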
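Review bot: The words `php`, `preset` and `disabled` in styleci-yml-disclosure.yaml (05/15) are ordinary substrings, so a 200 HTML page that discusses PHP settings satisfies all three and is reported as a disclosed file. Matching the YAML keys with their colon, `- "preset:"` and `- "disabled:"`, keeps the check on the file's structure. `php` on its own adds almost no selectivity and could be dropped or written as `- "php:"` if the nested form is the one being targeted.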
diff --git a/exposures/files/webpack-mix-js.yaml b/exposures/files/webpack-mix-js.yaml
new file mode 100644
index 0000000000..f17dcfd697
--- /dev/null
+++ b/exposures/files/webpack-mix-js.yaml
@@ -0,0 +1,28 @@
+id: webpack-mix-js
+
+info:
+ name: Webpack Mix File Disclosure
+ author: DhiyaneshDk
+ severity: info
+ metadata:
+ verified: true
+ shodan-query: html:"webpack.mix.js"
+ tags: config,exposure,devops
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/webpack.mix.js"
+
+ matchers-condition: and
+
+ matchers:
+ - type: word
+ words:
+ - "Mix Asset Management"
+ - "const mix"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From 01a186ecde77b84d049f6e0c2d8f155e59651b0f Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sun, 12 Jun 2022 00:25:33 +0100
Subject: [PATCH 07/15] Create proxy-wpad-exposure.yaml
---
exposures/configs/proxy-wpad-exposure.yaml | 27 ++++++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 exposures/configs/proxy-wpad-exposure.yaml
diff --git a/exposures/configs/proxy-wpad-exposure.yaml b/exposures/configs/proxy-wpad-exposure.yaml
new file mode 100644
index 0000000000..5d4e41ad18
--- /dev/null
+++ b/exposures/configs/proxy-wpad-exposure.yaml
@@ -0,0 +1,27 @@
+id: proxy-wpad-exposure
+
+info:
+ name: Proxy WPAD Configuration Exposure
+ author: DhiyaneshDk
+ severity: low
+ metadata:
+ verified: true
+ shodan-query: html:"wpad.dat"
+ tags: config,exposure,proxy
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wpad.dat"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "FindProxyForURL"
+ - "url"
+ - "host"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From d1ae2c5e54113e5c6f84d5f035d81b9eafc13b15 Mon Sep 17 00:00:00 2001
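Review bot: proxy-wpad-exposure.yaml (07/15) has no `description`, and for this file the context decides whether a result matters. A PAC file is meant to be fetched by clients, so the finding is that it is reachable from where the scan ran, and what it discloses is the proxy hosts and routing rules inside `FindProxyForURL`. A line such as `description: wpad.dat is reachable and discloses internal proxy hostnames and routing rules; restrict it to the client network.` would give triage what it needs. The words `url` and `host` are that function's parameter names and add no selectivity beyond `FindProxyForURL`.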
From: Dhiyaneshwaran
Date: Sun, 12 Jun 2022 00:35:01 +0100
Subject: [PATCH 08/15] Create wp-cli-exposure.yaml
---
exposures/files/wp-cli-exposure.yaml | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 exposures/files/wp-cli-exposure.yaml
diff --git a/exposures/files/wp-cli-exposure.yaml b/exposures/files/wp-cli-exposure.yaml
new file mode 100644
index 0000000000..ef2e7fb9d1
--- /dev/null
+++ b/exposures/files/wp-cli-exposure.yaml
@@ -0,0 +1,26 @@
+id: wp-cli-exposure
+
+info:
+ name: WP-CLI Yaml File Exposure
+ author: DhiyaneshDk
+ severity: info
+ metadata:
+ verified: true
+ shodan-query: html:"wp-cli.yml"
+ tags: config,exposure,wp-cli
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-cli.yml"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "apache_modules:"
+ - "mod_rewrite"
+ condition: and
+
+ - type: status
+ status:
+ - 200
From f84605ce62ad4279c35cede8a7503563a19098b2 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sun, 12 Jun 2022 00:50:45 +0100
Subject: [PATCH 09/15] Create npm-shrinkwrap-exposure.yaml
---
exposures/files/npm-shrinkwrap-exposure.yaml | 30 ++++++++++++++++++++
1 file changed, 30 insertions(+)
create mode 100644 exposures/files/npm-shrinkwrap-exposure.yaml
diff --git a/exposures/files/npm-shrinkwrap-exposure.yaml b/exposures/files/npm-shrinkwrap-exposure.yaml
new file mode 100644
index 0000000000..a3c5d13638
--- /dev/null
+++ b/exposures/files/npm-shrinkwrap-exposure.yaml
@@ -0,0 +1,30 @@
+id: npm-shrinkwrap-exposure
+
+info:
+ name: Node Shrinkwrap Exposure
+ author: DhiyaneshDk
+ severity: medium
+ metadata:
+ verified: true
+ shodan-query: html:"npm-shrinkwrap.json"
+ tags: config,exposure,npm
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/npm-shrinkwrap.json"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "version"
+ - "dependencies"
+
+ - type: word
+ part: header
+ words:
+ - "application/json"
+
+ - type: status
+ status:
+ - 200
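Review bot: The matcher in wp-cli-exposure.yaml (08/15) requires both `apache_modules:` and `mod_rewrite`, which only a wp-cli.yml that configures rewrite rules contains. A wp-cli.yml that sets other options is never reported, and those variants are presumably the ones more likely to hold values worth protecting. If the narrow match is deliberate to keep false positives down, say so in the template with a comment such as `# Matches only configs that declare apache_modules; other wp-cli.yml variants are not detected.` so that a clean scan is not read as absence of the file.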
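Review bot: `version` and `dependencies` in npm-shrinkwrap-exposure.yaml (09/15) occur in a large share of JSON documents, so a backend that answers every path with 200 and `application/json` will match this template. A word specific to npm lock files would tighten it: `- "lockfileVersion"` is written by npm 5 and later, at the cost of missing shrinkwrap files produced by older npm versions. If both generations must be covered, keep the current words and note that limitation in a comment.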
From e4271fc295d4a839cdc8d40716f1a4526ca23e7a Mon Sep 17 00:00:00 2001 From: sandeep Date: Sun, 12 Jun 2022 09:42:41 +0530 Subject: [PATCH 10/15] misc updates --- exposures/files/npm-shrinkwrap-exposure.yaml | 2 ++ exposures/files/phpunit-result-cache-exposure.yaml | 2 -- exposures/files/styleci-yml-disclosure.yaml | 1 - exposures/files/webpack-mix-js.yaml | 1 - exposures/files/wp-cli-exposure.yaml | 1 + 5 files changed, 3 insertions(+), 4 deletions(-) diff --git a/exposures/files/npm-shrinkwrap-exposure.yaml b/exposures/files/npm-shrinkwrap-exposure.yaml index a3c5d13638..c6c4f714d3 100644 --- a/exposures/files/npm-shrinkwrap-exposure.yaml +++ b/exposures/files/npm-shrinkwrap-exposure.yaml @@ -13,12 +13,14 @@ requests: - method: GET path: - "{{BaseURL}}/npm-shrinkwrap.json" + matchers-condition: and matchers: - type: word words: - "version" - "dependencies" + condition: and - type: word part: header diff --git a/exposures/files/phpunit-result-cache-exposure.yaml b/exposures/files/phpunit-result-cache-exposure.yaml index eef6e56384..d0807e16b4 100644 --- a/exposures/files/phpunit-result-cache-exposure.yaml +++ b/exposures/files/phpunit-result-cache-exposure.yaml @@ -15,12 +15,10 @@ requests: - "{{BaseURL}}/.phpunit.result.cache" matchers-condition: and - matchers: - type: word words: - '"defects"' - condition: and - type: status status: diff --git a/exposures/files/styleci-yml-disclosure.yaml b/exposures/files/styleci-yml-disclosure.yaml index dcfc5aa6bf..aa9cf7fb71 100644 --- a/exposures/files/styleci-yml-disclosure.yaml +++ b/exposures/files/styleci-yml-disclosure.yaml @@ -15,7 +15,6 @@ requests: - "{{BaseURL}}/.styleci.yml" matchers-condition: and - matchers: - type: word words: diff --git a/exposures/files/webpack-mix-js.yaml b/exposures/files/webpack-mix-js.yaml index f17dcfd697..dacf9a00c1 100644 --- a/exposures/files/webpack-mix-js.yaml +++ b/exposures/files/webpack-mix-js.yaml 
@@ -15,7 +15,6 @@ requests: - "{{BaseURL}}/webpack.mix.js" matchers-condition: and - matchers: - type: word words: diff --git a/exposures/files/wp-cli-exposure.yaml b/exposures/files/wp-cli-exposure.yaml index ef2e7fb9d1..08b73b1dd7 100644 --- a/exposures/files/wp-cli-exposure.yaml +++ b/exposures/files/wp-cli-exposure.yaml @@ -13,6 +13,7 @@ requests: - method: GET path: - "{{BaseURL}}/wp-cli.yml" + matchers-condition: and matchers: - type: word From 2d5361a7477758dc67730040981eacb475547694 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sun, 12 Jun 2022 13:01:46 +0530 Subject: [PATCH 11/15] misc updates --- exposures/configs/proxy-wpad-exposure.yaml | 1 + exposures/files/npm-shrinkwrap-exposure.yaml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/exposures/configs/proxy-wpad-exposure.yaml b/exposures/configs/proxy-wpad-exposure.yaml index 5d4e41ad18..82d7108188 100644 --- a/exposures/configs/proxy-wpad-exposure.yaml +++ b/exposures/configs/proxy-wpad-exposure.yaml @@ -13,6 +13,7 @@ requests: - method: GET path: - "{{BaseURL}}/wpad.dat" + matchers-condition: and matchers: - type: word diff --git a/exposures/files/npm-shrinkwrap-exposure.yaml b/exposures/files/npm-shrinkwrap-exposure.yaml index c6c4f714d3..7326634562 100644 --- a/exposures/files/npm-shrinkwrap-exposure.yaml +++ b/exposures/files/npm-shrinkwrap-exposure.yaml @@ -3,7 +3,7 @@ id: npm-shrinkwrap-exposure info: name: Node Shrinkwrap Exposure author: DhiyaneshDk - severity: medium + severity: info metadata: verified: true shodan-query: html:"npm-shrinkwrap.json" From 981c2463b23e8a01a7dbd9cc7618c66eb1134348 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 13 Jun 2022 00:48:02 +0100 Subject: [PATCH 12/15] Create editor-exposure.yaml --- exposures/configs/editor-exposure.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 exposures/configs/editor-exposure.yaml 
diff --git a/exposures/configs/editor-exposure.yaml b/exposures/configs/editor-exposure.yaml
new file mode 100644
index 0000000000..b0e441b96a
--- /dev/null
+++ b/exposures/configs/editor-exposure.yaml
@@ -0,0 +1,25 @@
+id: editor-exposure
+
+info:
+ name: Editor Config Exposure
+ author: DhiyaneshDk
+ severity: low
+ metadata:
+ verified: true
+ shodan-query: html:"editorconfig"
+ tags: config,exposure
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/.editorconfig"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "= true"
+ - "space"
+
+ - type: status
+ status:
+ - 200
From c37db734ae66babb00aa646f877d5bdad317d2ff Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Mon, 13 Jun 2022 00:52:41 +0100
Subject: [PATCH 13/15] Create vagrantfile-exposure.yaml
---
exposures/files/vagrantfile-exposure.yaml | 25 +++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 exposures/files/vagrantfile-exposure.yaml
diff --git a/exposures/files/vagrantfile-exposure.yaml b/exposures/files/vagrantfile-exposure.yaml
new file mode 100644
index 0000000000..d817521380
--- /dev/null
+++ b/exposures/files/vagrantfile-exposure.yaml
@@ -0,0 +1,25 @@
+id: vagrantfile-exposure
+
+info:
+ name: Vagrantfile Exposure
+ author: DhiyaneshDk
+ severity: medium
+ metadata:
+ verified: true
+ shodan-query: html:"Vagrantfile"
+ tags: config,exposure
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/Vagrantfile"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "./vagrant/config/vagrant-local.yml"
+ - "./vagrant/config/vagrant-local.example.yml"
+
+ - type: status
+ status:
+ - 200
From 781d8bfe9173c04955ac96b6696560df1c48eb1c Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Wed, 15 Jun 2022 12:23:44 +0530
Subject: [PATCH 14/15] Update editor-exposure.yaml
---
exposures/configs/editor-exposure.yaml | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
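Review bot: `severity: low` in editor-exposure.yaml (12/15) is higher than the file supports. An .editorconfig holds indentation and line-ending preferences, and the comparable styleci and webpack-mix templates in this series are rated `info`. `severity: info` would keep results sortable by actual impact; 14/15 reworks the matchers of this template but leaves the severity unchanged.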
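Review bot: Both words in vagrantfile-exposure.yaml (13/15), `./vagrant/config/vagrant-local.yml` and `./vagrant/config/vagrant-local.example.yml`, are paths that look specific to one project scaffold, so an exposed Vagrantfile from any other project returns no finding. `- "Vagrant.configure"` appears in Vagrantfiles written in the version 2 configuration syntax and would cover the general case. With no `condition` set the two existing words are OR-ed, which I assume is intended; 15/15 adds a header guard to this template but keeps these words.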
diff --git a/exposures/configs/editor-exposure.yaml b/exposures/configs/editor-exposure.yaml index b0e441b96a..c44c8ea249 100644 --- a/exposures/configs/editor-exposure.yaml +++ b/exposures/configs/editor-exposure.yaml @@ -13,12 +13,22 @@ requests: - method: GET path: - "{{BaseURL}}/.editorconfig" + matchers-condition: and matchers: - type: word words: - "= true" - - "space" + - "= space" + condition: or + + - type: word + part: header + words: + - "application/json" + - "text/html" + negative: true + condition: or - type: status status: From 756e8fce08482ebc63b9bc138b37a200a3ba6e33 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 15 Jun 2022 12:33:32 +0530 Subject: [PATCH 15/15] Update vagrantfile-exposure.yaml --- exposures/files/vagrantfile-exposure.yaml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/exposures/files/vagrantfile-exposure.yaml b/exposures/files/vagrantfile-exposure.yaml index d817521380..d6a643fc6a 100644 --- a/exposures/files/vagrantfile-exposure.yaml +++ b/exposures/files/vagrantfile-exposure.yaml @@ -3,16 +3,17 @@ id: vagrantfile-exposure info: name: Vagrantfile Exposure author: DhiyaneshDk - severity: medium + severity: low metadata: verified: true shodan-query: html:"Vagrantfile" - tags: config,exposure + tags: config,exposure,vagrant,oss requests: - method: GET path: - "{{BaseURL}}/Vagrantfile" + matchers-condition: and matchers: - type: word @@ -20,6 +21,14 @@ requests: - "./vagrant/config/vagrant-local.yml" - "./vagrant/config/vagrant-local.example.yml" + - type: word + part: header + words: + - "application/json" + - "text/html" + negative: true + condition: or + - type: status status: - 200
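Review bot: Under the `condition: or` added in 14/15, the body matcher in editor-exposure.yaml is satisfied by `= true` alone, a token common in INI files, shell snippets and JavaScript. Any 200 body containing it that is not served as HTML or JSON is therefore still reported. EditorConfig property names are more selective: `- "indent_style"` or `- "end_of_line"` in place of `- "= true"` keeps the match on the file format itself. The negative header matcher is a sound guard, and a one-line comment above it saying that it filters soft-404 and catch-all pages would help the next editor keep it.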