id: laravel-debug-infoleak info: name: Laravel Debug Info Leak author: pwnhxl severity: medium description: | This template can be used to detect a Laravel debug information leak by making a POST-based request. reference: - https://github.com/dem0ns/improper/blob/master/laravel/5_debug/1.png classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cwe-id: CWE-215 cpe: cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 shodan-query: Laravel-Framework fofa-query: app="Laravel-Framework" product: framework vendor: laravel tags: misconfig,laravel,debug,infoleak http: - raw: - | POST / HTTP/1.1 Host: {{Hostname}} matchers-condition: and matchers: - type: word part: body words: - 'vendor/laravel/framework/src/Illuminate/' - 'MethodNotAllowedHttpException' condition: and - type: word part: body words: - 'DB_PASSWORD' - 'REDIS_PASSWORD' - 'MAIL_PASSWORD' - 'ALIYUN_ACCESSKEYSECRET' - 'ALIYUN_ACCESSKEYID' - 'SMS_AUTH_TOKEN' - 'APP_KEY' condition: or - type: status status: - 405 # digest: 4b0a00483046022100dc9403c43fe76ad4fa3ae39635bad5a32c4b03ae8802607d2a94a2a423d26ac1022100a219fddd05fdfacbbd77cb01a19fc989121311726d71f3b96ffc271336beea72:922c64590222798bb761d5b6d8e72950