id: auth-json

info:
  name: Auth.json File - Disclosure
  author: DhiyaneshDk
  severity: high
  description: auth.json file is exposed.
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"auth.json"
  tags: devops,exposure,files,auth,config

http:
  - method: GET
    path:
      - "{{BaseURL}}/auth.json"

    matchers-condition: or
    matchers:
      - type: word
        part: body
        words:
          - '"http-basic": {'
          - '"username":'
          - '"password":'
        condition: and

      - type: word
        part: body
        words:
          - '"github-oauth": {'
          - '"github.com":'
        condition: and

      - type: word
        part: body
        words:
          - '"bitbucket-oauth":'
          - '"consumer-key":'
          - '"consumer-secret":'
        condition: and
# digest: 490a00463044022041c4bb864ef31efd635294afb0d84a82586c421227bf8a3d42feed005d09501402204d7a803e2d35b37558df4a4c3466907bf3acd76c3a035c10ad04335b48d4b394:922c64590222798bb761d5b6d8e72950