id: shellscripts

info:
  name: Public shellscripts
  author: panch0r3d
  severity: low
  metadata:
    max-request: 23
  tags: bash,exposure,files

http:
  - method: GET
    path:
      - "{{BaseURL}}/.build.sh"
      - "{{BaseURL}}/.jenkins.sh"
      - "{{BaseURL}}/.travis.sh"
      - "{{BaseURL}}/install.sh"
      - "{{BaseURL}}/update.sh"
      - "{{BaseURL}}/config.sh"
      - "{{BaseURL}}/build.sh"
      - "{{BaseURL}}/setup.sh"
      - "{{BaseURL}}/run.sh"
      - "{{BaseURL}}/backup.sh"
      - "{{BaseURL}}/compile.sh"
      - "{{BaseURL}}/env.sh"
      - "{{BaseURL}}/init.sh"
      - "{{BaseURL}}/startup.sh"
      - "{{BaseURL}}/wp-setup.sh"
      - "{{BaseURL}}/deploy.sh"
      - "{{BaseURL}}/aws.sh"
      - "{{BaseURL}}/reminder.sh"
      - "{{BaseURL}}/mysqlbackup.sh"
      - "{{BaseURL}}/dev2local.sh"
      - "{{BaseURL}}/local2dev.sh"
      - "{{BaseURL}}/local2prod.sh"
      - "{{BaseURL}}/prod2local.sh"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - ".*?bin.*?sh"
          - ".*?bin.*?bash"
        condition: or

      - type: word
        part: header
        words:
          - "application/x-sh"
          - "text/plain"
          - "text/x-sh"
        condition: or

      - type: status
        status:
          - 200

# digest: 4a0a00473045022100e995ef79c91ebcd677cb64000ff4006e5dd9eecfddae9f468cb1bd5b39b33f7f0220232bbde057ff519652934acd3a07ae94cfed3858d2c3da1d5502a0048cc61462:922c64590222798bb761d5b6d8e72950