id: glpi-directory-listing info: name: GLPI Directory Listing author: RedTeamBrasil,ImNightmaree severity: low description: In certain cases, system administrators leave directory listing enabled which can sometimes expose sensitive files. metadata: max-request: 2 tags: glpi,misconfig http: - raw: - | GET {{expose_data}} HTTP/1.1 Host: {{Hostname}} payloads: expose_data: - /glpi/files/ - /glpi/ matchers-condition: and matchers: - type: word part: body words: - "Index of /glpi/" - type: status status: - 200 # digest: 4a0a00473045022100ad57e0b81b13e4ab1b008b8cc3d3c37ec81923c46e40f6d2ef9886e2125f23e102202f7fd1355405a328ba7b6d9cf920ee7c78e2aa6f21392eecf72d31a9fed8ed81:922c64590222798bb761d5b6d8e72950