Create travis-ci-disclosure.yaml (#5709)

exposures/files/travis-ci-disclosure.yaml

@@ -0,0 +1,43 @@
+id: travis-ci-disclosure
+
+info:
+  name: Travis CI Disclosure
+  author: DhiyaneshDK
+  severity: high
+  description: |
+    Travis CI is a Software as a Service (SaaS) based continuous integration service used to build and test software projects. By defining a configuration file named `.travis.yml` in their source code repositories, developers can customize their applications build workflows.
+  remediation: |
+    Ensure that the `.travis.yml` file is not deployed with the application or, at least, is not exposed in a web server directory by setting proper permissions on it. If sensitive information like credentials are leaked in the exposed file, they should be revoked and reset on the affected assets.
+  reference:
+    - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
+    - https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/
+    - https://www.tenable.com/plugins/was/113156
+  metadata:
+    verified: true
+    shodan-query: html:"travis.yml"
+  tags: exposure,file,config
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/.travis.yml'
+      - '{{BaseURL}}/matomo/.travis.yml'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'secure:'
+          - 'env:'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+      - type: status
+        status:
+          - 200