Create travis-ci-disclosure.yaml (#5709)
parent
548acc72ef
commit
7f19ed604e
|
@ -0,0 +1,43 @@
|
|||
id: travis-ci-disclosure
|
||||
|
||||
info:
|
||||
name: Travis CI Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: high
|
||||
description: |
|
||||
Travis CI is a Software as a Service (SaaS) based continuous integration service used to build and test software projects. By defining a configuration file named `.travis.yml` in their source code repositories, developers can customize their applications build workflows.
|
||||
remediation: |
|
||||
Ensure that the `.travis.yml` file is not deployed with the application or, at least, is not exposed in a web server directory by setting proper permissions on it. If sensitive information like credentials are leaked in the exposed file, they should be revoked and reset on the affected assets.
|
||||
reference:
|
||||
- https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
|
||||
- https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/
|
||||
- https://www.tenable.com/plugins/was/113156
|
||||
metadata:
|
||||
verified: true
|
||||
shodan-query: html:"travis.yml"
|
||||
tags: exposure,file,config
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/.travis.yml'
|
||||
- '{{BaseURL}}/matomo/.travis.yml'
|
||||
|
||||
stop-at-first-match: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- 'secure:'
|
||||
- 'env:'
|
||||
condition: and
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "application/octet-stream"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
Loading…
Reference in New Issue