From 5d226b38d7ca70fe6180bed22d0bf5c35c81a9b9 Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Thu, 1 Oct 2020 20:35:07 +0200 Subject: [PATCH 1/3] Shell History (.bash_history) Discover history file for bash and zsh --- files/shell-history.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 files/shell-history.yaml diff --git a/files/shell-history.yaml b/files/shell-history.yaml new file mode 100644 index 0000000000..714ad747f4 --- /dev/null +++ b/files/shell-history.yaml @@ -0,0 +1,20 @@ +id: shell-history + +info: + name: Shell History + author: pentest_swissky + severity: medium + description: Discover history for bash and zsh + +requests: + - method: GET + redirects: true + matchers-condition: or + max-redirects: 5 + path: + - "{{BaseURL}}/.bash_history" + - "{{BaseURL}}/.zsh_history" + matchers: + - type: word + words: + - "chmod " \ No newline at end of file From e48004306cbd187dccd87690173e121d8fd4ed37 Mon Sep 17 00:00:00 2001 From: bauthard <8293321+bauthard@users.noreply.github.com> Date: Sat, 3 Oct 2020 11:52:40 +0530 Subject: [PATCH 2/3] Update shell-history.yaml --- files/shell-history.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/files/shell-history.yaml b/files/shell-history.yaml index 714ad747f4..723b51d623 100644 --- a/files/shell-history.yaml +++ b/files/shell-history.yaml @@ -3,8 +3,8 @@ id: shell-history info: name: Shell History author: pentest_swissky - severity: medium - description: Discover history for bash and zsh + severity: low + description: Discover history for bash and zsh file. requests: - method: GET @@ -14,7 +14,12 @@ requests: path: - "{{BaseURL}}/.bash_history" - "{{BaseURL}}/.zsh_history" + + matchers-condition: and matchers: - type: word words: - - "chmod " \ No newline at end of file + - "chmod " + - type: status + status: + - 200 \ No newline at end of file From 33ac552cd550e6f11433b7910660d206ded4aa3d Mon Sep 17 00:00:00 2001 From: bauthard <8293321+bauthard@users.noreply.github.com> Date: Sat, 3 Oct 2020 11:54:07 +0530 Subject: [PATCH 3/3] Update shell-history.yaml --- files/shell-history.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/files/shell-history.yaml b/files/shell-history.yaml index 723b51d623..b6e8ec311d 100644 --- a/files/shell-history.yaml +++ b/files/shell-history.yaml @@ -9,7 +9,6 @@ info: requests: - method: GET redirects: true - matchers-condition: or max-redirects: 5 path: - "{{BaseURL}}/.bash_history"