Merge pull request #7852 from projectdiscovery/socks5-vpn-config

Create socks5-vpn-config.yaml

http/exposures/files/socks5-vpn-config.yaml

@@ -0,0 +1,40 @@
+id: socks5-vpn-config
+
+info:
+  name: Socks5 VPN - Sensitive File Disclosure
+  author: DhiyaneshDk
+  severity: high
+  description: |
+    Information Leakage in the Socks5 VPN login system of Wheilton e-Ditong, and the administrator account password can be obtained by visiting a specially crafted URL.
+  reference:
+    - https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E6%83%A0%E5%B0%94%E9%A1%BF%20e%E5%9C%B0%E9%80%9A%20config.xml%20%E4%BF%A1%E6%81%AF%E6%B3%84%E6%BC%8F%E6%BC%8F%E6%B4%9E.md
+    - https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/iot/%E6%83%A0%E5%B0%94%E9%A1%BF/%E6%83%A0%E5%B0%94%E9%A1%BF%20e%E5%9C%B0%E9%80%9A%20config.xml%20%E4%BF%A1%E6%81%AF%E6%B3%84%E6%BC%8F%E6%BC%8F%E6%B4%9E.md?plain=1
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: app="惠尔顿-e地通VPN"
+  tags: esocks5,exposure,misconfig,files,disclosure
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/backup/config.xml"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<config>"
+          - "password="
+          - "username="
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/xml"
+
+      - type: status
+        status:
+          - 200