id: cloud-config info: name: Cloud Config File Exposure author: DhiyaneshDK,Hardik-Solanki severity: medium reference: https://www.exploit-db.com/ghdb/7959 metadata: verified: true shodan-query: html:"cloud-config.yml" tags: exposure,cloud,devops,files requests: - method: GET path: - "{{BaseURL}}/cloud-config.yml" - "{{BaseURL}}/core-cloud-config.yml" - '{{BaseURL}}/cloud-config.txt' stop-at-first-match: true matchers-condition: and matchers: - type: word words: - 'ssh_authorized_keys' - '#cloud-config' condition: and - type: status status: - 200