id: production-log

info:
  name: Production Log File Disclosure
  author: geeknik
  severity: low
  description: Production log file was exposed.
  metadata:
    verified: true
    max-request: 3
    github-query: filename:production.log Connecting to database specified by database.yml
  tags: exposure,files,logs

http:
  - method: GET
    path:
      - '{{BaseURL}}/log/production.log'
      - '{{BaseURL}}/logs/production.log'
      - '{{BaseURL}}/production.log'

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'Connecting to database specified by database.yml'

      - type: word
        part: header
        words:
          - 'text/html'
        negative: true

      - type: status
        status:
          - 200
# digest: 4a0a004730450220199352cf9635064da4c1c8696564df4aece8e30dff637802b452189e7ae1fb12022100b9847a6091264aece3faa65a7c3f8331fceb3d385e0a90103a7f029b34661cac:922c64590222798bb761d5b6d8e72950