nuclei-templates/exposures/files/ds_store.yaml

32 lines
589 B
YAML

id: ds-store-file
info:
name: Directory Listing via DS_Store
author: 0w4ys
severity: info
tags: file,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/.DS_Store"
headers:
User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"
matchers-condition: and
matchers:
- type: word
words:
- "\x00@\x00"
- type: status
status:
- 200
- type: word
words:
- "Accept-Ranges: bytes"
- "octet-stream"
condition: or
part: header