46 lines
1.3 KiB
YAML
46 lines
1.3 KiB
YAML
id: putty-private-key-disclosure
|
|
|
|
info:
|
|
name: Putty Private Key Disclosure
|
|
author: DhiyaneshDk,geeknik
|
|
severity: medium
|
|
description: Putty internal user key file is exposed.
|
|
reference:
|
|
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/putty-private-key-disclosure.json
|
|
classification:
|
|
cpe: cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
verified: true
|
|
max-request: 8
|
|
vendor: putty
|
|
product: putty
|
|
github-query: filename:putty.ppk
|
|
tags: exposure,files
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/my.ppk"
|
|
- "{{BaseURL}}/putty.ppk"
|
|
- "{{BaseURL}}/{{Hostname}}.ppk"
|
|
- "{{BaseURL}}/.ssh/putty.ppk"
|
|
- "{{BaseURL}}/.ssh/{{Hostname}}.ppk"
|
|
- "{{BaseURL}}/.putty/my.ppk"
|
|
- "{{BaseURL}}/.putty/putty.ppk"
|
|
- "{{BaseURL}}/.putty/{{Hostname}}.ppk"
|
|
|
|
stop-at-first-match: true
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "PuTTY-User-Key-File"
|
|
- "Encryption:"
|
|
condition: and
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 490a0046304402200cbe18cadacb1d4c4683cee0b19764ee08e2b8fe2b79d866fc935453efd7f7be02207bd558bb63609e4817c77db084e2646ffd8b8560bd2edc1bfdf90082e76a803d:922c64590222798bb761d5b6d8e72950 |