id: wordpress-db-backup

info:
  name: WordPress DB Backup
  author: dwisiswant0
  severity: medium
  description: This template checks for exposed database in wordpress.
  metadata:
    max-request: 1
  tags: wordpress,backups

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/backup-db/"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Index of /"
          - ".sql\">"
        condition: and
        part: body

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100a0e726174d0ce6710496622d5e177a470329502442f5f433e11ff15131a25b0902205addd5a5f08afd8ec5deb5a81c10c52bbba8da949bf9a4a8bc4a2d16f0b2f9bd:922c64590222798bb761d5b6d8e72950