id: wordpress-accessible-wpconfig info: name: WordPress wp-config Detection author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess,0xpugazh,mastercho severity: medium description: WordPress `wp-config` was discovered. This file is remotely accessible and its content available for reading. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 metadata: max-request: 30 tags: wordpress,backup http: - method: GET path: - '{{BaseURL}}/wp-config.php' - '{{BaseURL}}/.wp-config.php.swp' - '{{BaseURL}}/wp-config-sample.php' - '{{BaseURL}}/wp-config.inc' - '{{BaseURL}}/wp-config.old' - '{{BaseURL}}/wp-config.txt' - '{{BaseURL}}/wp-config.php.txt' - '{{BaseURL}}/wp-config.php.bak' - '{{BaseURL}}/wp-config.php.BAK' - '{{BaseURL}}/wp-config.php.old' - '{{BaseURL}}/wp-config.php.OLD' - '{{BaseURL}}/wp-config.php.dist' - '{{BaseURL}}/wp-config.php.inc' - '{{BaseURL}}/wp-config.php.swp' - '{{BaseURL}}/wp-config.php.html' - '{{BaseURL}}/wp-config-backup.txt' - '{{BaseURL}}/wp-config.php.save' - '{{BaseURL}}/wp-config.php.SAVE' - '{{BaseURL}}/wp-config.php~' - '{{BaseURL}}/wp-config.php-backup' - '{{BaseURL}}/wp-config.php.orig' - '{{BaseURL}}/wp-config.php_orig' - '{{BaseURL}}/wp-config.php.original' - '{{BaseURL}}/wp-config.backup' - '{{BaseURL}}/_wpeprivate/config.json' - '{{BaseURL}}/config.php.zip' - '{{BaseURL}}/config.php.tar.gz' - '{{BaseURL}}/config.php.new' - '{{BaseURL}}/common/config.php.new' - '{{BaseURL}}/wp-config.php.bk' stop-at-first-match: true matchers-condition: or matchers: - type: word words: - "DB_NAME" - "DB_PASSWORD" part: body condition: and - type: word part: body words: - "DBNAME" - "PASSWORD" condition: and - type: word part: body words: - "DB_USERNAME" - "DB_PASSWORD" condition: and # digest: 4b0a00483046022100e594c95c4363beaffcf591c743fb8c4d5a0e46242433e9511eb4fef69d60d52d022100c412980eea430593ada6a3b18f85bcbc9798a9a623dffcdcfac9e6cb724d2a04:922c64590222798bb761d5b6d8e72950