Update rails-database-config.yaml
False positive reduction. 12 matches out of 2 million hosts and they all showed a content-type of `application/octet-stream`.patch-1
parent
ba0d092d4d
commit
f01abd3e6d
|
@ -2,7 +2,7 @@ id: rails-database-config
|
|||
|
||||
info:
|
||||
name: Ruby-on-Rails Database Configuration Exposure
|
||||
author: pdteam
|
||||
author: pdteam & geeknik
|
||||
severity: low
|
||||
tags: config,exposure
|
||||
|
||||
|
@ -10,10 +10,16 @@ requests:
|
|||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/config/database.yml"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "application/octet-stream"
|
||||
- type: word
|
||||
words:
|
||||
- "adapter:"
|
||||
- "database:"
|
||||
condition: and
|
||||
part: body
|
||||
part: body
|
||||
|
|
Loading…
Reference in New Issue