id: github-gemfile-files

info:
  name: Github Gemfiles
  author: hahwul
  severity: info
  description: Find github page files(Gemfile / Gemfile.lock)
  metadata:
    max-request: 2
  tags: github,exposure,files

http:
  - method: GET
    path:
      - "{{BaseURL}}/Gemfile"
      - "{{BaseURL}}/Gemfile.lock"

    matchers-condition: or
    matchers:
      - type: dsl
        dsl:
          - 'contains(body, "https://rubygems.org")'
          - 'contains(body, "source")'
          - 'contains(body, "gem")'
          - 'status_code == 200'
        condition: and

      - type: dsl
        dsl:
          - 'contains(body, "https://rubygems.org")'
          - 'contains(body, "remote")'
          - 'contains(body, "specs")'
          - 'status_code == 200'
        condition: and

# digest: 4b0a00483046022100a916c3374acc25721c8aa457f743ecf1a4af8fa5608e26afa24194537e211abf022100b20ceb5335ccffb53f2598ee45bdc2895f14b4cb4feea8978ea7a0774fd56be0:922c64590222798bb761d5b6d8e72950