From c980eea40b1470b518cd718307d54d979c83a2fa Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Thu, 19 Aug 2021 16:32:09 +0530
Subject: [PATCH] Create dbeaver-credentials.yaml
---
exposures/configs/dbeaver-credentials.yaml | 26 ++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100644 exposures/configs/dbeaver-credentials.yaml
diff --git a/exposures/configs/dbeaver-credentials.yaml b/exposures/configs/dbeaver-credentials.yaml
new file mode 100644
index 0000000000..e9e66f7357
--- /dev/null
+++ b/exposures/configs/dbeaver-credentials.yaml
@@ -0,0 +1,26 @@
+id: dbeaver-credentials
+
+info:
+ name: DBeaver Credential Exposure
+ author: geeknik
+ severity: info
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/.dbeaver/credentials-config.json"
+ # to decode the above file, run this:
+ # openssl aes-128-cbc -d -K "babb4a9f774ab853c96c2d653dfe544a" -iv 00000000000000000000000000000000 -in credentials-config.json | dd bs=1 skip=16 2>/dev/null
+
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - "application/octet-stream"
+ part: header
+ - type: dsl
+ dsl:
+ - "len(body) >=200 && len(body) <400"
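Review bot: The `dsl` matcher's upper bound (`len(body) <400`) will likely miss a credentials file that stores more than a few connections, and the `application/octet-stream` header match will miss servers that serve `.json` as `application/json`, so real exposures can go unreported. Since the decode comment shows the body is AES-128-CBC ciphertext, a block-size check is a tighter signal than a size window, e.g. `- "len(body) >= 200 && len(body) % 16 == 0"`, ideally paired with a negative body matcher for HTML markers to drop soft-404 pages. The same comment shows the key is fixed and public, so a hit amounts to disclosure of saved database credentials; `severity: info` understates that, and `severity: medium` or higher would triage better. A `description` field under `info` stating that the file holds saved database connection credentials, and that they should be rotated on a hit, would help whoever receives the finding.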