id: updraftplus-pem-keys

info:
  name: UpdraftPlus Plugin Pem Key
  author: dhiyaneshDk
  severity: info
  description: UpdraftPlus wordpress plugin private key leaked with directory listing.
  reference:
    - https://www.exploit-db.com/ghdb/6437
  metadata:
    max-request: 1
  tags: wp-plugin,edb,wordpress

http:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/plugins/updraftplus/includes/'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Index of /"
          - ".pem"
          - "updraftplus"
        condition: and
        part: body

      - type: status
        status:
          - 200
# digest: 4a0a00473045022069aeb23b91ae39c1c83cdd93bf6d1bde9fb51197ac3deb4fc627d1ecd9179590022100ab9d974c2cb80ff61c7e4acaa3af17908631fce854cf754c18b0cc23c7dcc75e:922c64590222798bb761d5b6d8e72950