id: php-backup-files info: name: PHP source disclosure through backup files author: StreetOfHackerR007 (Rohit Soni) severity: medium tags: exposure,backup,php,disclosure requests: - method: GET path: - "{{BaseURL}}/index.php.bak" - "{{BaseURL}}/default.php.bak" - "{{BaseURL}}/main.php.bak" - "{{BaseURL}}/config.php.bak" - "{{BaseURL}}/settings.php.bak" - "{{BaseURL}}/header.php.bak" - "{{BaseURL}}/footer.php.bak" - "{{BaseURL}}/login.php.bak" - "{{BaseURL}}/database.php.bak" - "{{BaseURL}}/db.php.bak" - "{{BaseURL}}/conn.php.bak" - "{{BaseURL}}/db_config.php.bak" - "{{BaseURL}}/404.php.bak" - "{{BaseURL}}/wp-config.php.bak" - "{{BaseURL}}/wp-login.php.bak" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "" part: body - type: word words: - "text/plain" - "bytes" part: header condition: or