Merge pull request #732 from DhiyaneshGeek/master

ASP.NET Trace.AXD Information Leak
patch-1
PD-Team 2021-01-06 23:38:23 +05:30 committed by GitHub
commit a9bdfb7b38
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 0 deletions

View File

@ -0,0 +1,22 @@
id: trace-axd-detect
info:
name: ASP.NET Trace.AXD Information Leak
author: dhiyaneshDK
severity: low
reference: https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/
requests:
- method: GET
path:
- "{{BaseURL}}/Trace.axd"
matchers-condition: and
matchers:
- type: word
words:
- '<td><h1>Application Trace</h1></td>'
- type: status
status:
- 200