id: ruby-secrets-file info: name: Ruby on Rails secrets.yml File Exposure author: DhiyaneshDK severity: high reference: https://www.exploit-db.com/ghdb/6283 metadata: verified: true google-query: intitle:"index of" "secrets.yml" tags: misconfig,cloud,devops,files requests: - method: GET path: - "{{BaseURL}}/secrets.yml" - "{{BaseURL}}/config/secrets.yml" - "{{BaseURL}}/test/config/secrets.yml" - "{{BaseURL}}/redmine/config/secrets.yml" stop-at-first-match: true matchers-condition: and matchers: - type: regex regex: - 'secret_key_base: ([a-z0-9]+)' - type: word part: header words: - "application/json" - "text/html" negative: true condition: and - type: status status: - 200 extractors: - type: regex part: body group: 1 regex: - 'secret_key_base: ([a-z0-9]+)'