Merge pull request #1138 from projectdiscovery/backup-file

Added settings-php-files and more tags
2021-03-24 15:24:06 +05:30 · 2021-03-24 15:24:06 +05:30 · ca12c1fef7
parent c141c32cab 5e27fa8239
commit ca12c1fef7
7 changed files with 37 additions and 2 deletions
--- a/exposures/apis/openapi.yaml
+++ b/exposures/apis/openapi.yaml
@ -4,6 +4,7 @@ info:
  name: OpenAPI
  author: pdteam
  severity: info
+  tags: api

 requests:
  - method: GET
--- a/exposures/apis/swagger-api.yaml
+++ b/exposures/apis/swagger-api.yaml
@ -1,9 +1,10 @@
 id: swagger-api

 info:
-  name: Swagger API
-  author: pd-team
+  name: Public Swagger API
+  author: pdteam
  severity: info
+  tags: api,swagger

 requests:
  - method: GET
--- a/exposures/apis/wadl-api.yaml
+++ b/exposures/apis/wadl-api.yaml
@ -4,6 +4,7 @@ info:
  name: wadl file disclosure
  author: 0xrudra & manuelbua
  severity: info
+  tags: api

  # References:
  # - https://github.com/dwisiswant0/wadl-dumper
--- a/exposures/apis/wsdl-api.yaml
+++ b/exposures/apis/wsdl-api.yaml
@ -4,6 +4,7 @@ info:
  name: wsdl-detect
  author: jarijaas
  severity: info
+  tags: api

 # This detects web services that have WSDL (https://www.w3.org/TR/wsdl/)
 # For instance, SOAP services, such as: https://docs.microsoft.com/en-us/xamarin/xamarin-forms/data-cloud/web-services/asmx
--- a/exposures/backups/settings-php-files.yaml
+++ b/exposures/backups/settings-php-files.yaml
@ -0,0 +1,29 @@
+id: settings-php-files
+
+info:
+  name: settings.php information disclosure
+  author: sheikhrishad
+  severity: medium
+  tags: backup
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/settings.php.bak"
+      - "{{BaseURL}}/settings.php.dist"
+      - "{{BaseURL}}/settings.php.old"
+      - "{{BaseURL}}/settings.php.save"
+      - "{{BaseURL}}/settings.php.swp"
+      - "{{BaseURL}}/settings.php.txt"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "DB_NAME"
+          - "DB"
+        condition: and
+
+      - type: status
+        status:
+          - 200
--- a/exposures/backups/sql-dump.yaml
+++ b/exposures/backups/sql-dump.yaml
@ -4,6 +4,7 @@ info:
  name: MySQL Dump Files
  author: geeknik & @dwisiswant0
  severity: medium
+  tags: backup

 requests:
  - method: GET
--- a/exposures/backups/zip-backup-files.yaml
+++ b/exposures/backups/zip-backup-files.yaml
@ -4,6 +4,7 @@ info:
  name: Compressed Web File
  author: Toufik Airane & @dwisiswant0
  severity: medium
+  tags: backup

 requests:
  - method: GET