51 lines
1.1 KiB
YAML
51 lines
1.1 KiB
YAML
id: php-backup-files
|
|
|
|
info:
|
|
name: PHP source disclosure through backup files
|
|
author: StreetOfHackerR007 (Rohit Soni)
|
|
severity: medium
|
|
tags: exposure,backup,php
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/index.php.bak"
|
|
- "{{BaseURL}}/default.php.bak"
|
|
- "{{BaseURL}}/main.php.bak"
|
|
- "{{BaseURL}}/config.php.bak"
|
|
- "{{BaseURL}}/settings.php.bak"
|
|
- "{{BaseURL}}/header.php.bak"
|
|
- "{{BaseURL}}/footer.php.bak"
|
|
- "{{BaseURL}}/login.php.bak"
|
|
- "{{BaseURL}}/database.php.bak"
|
|
- "{{BaseURL}}/db.php.bak"
|
|
- "{{BaseURL}}/conn.php.bak"
|
|
- "{{BaseURL}}/db_config.php.bak"
|
|
- "{{BaseURL}}/404.php.bak"
|
|
- "{{BaseURL}}/wp-config.php.bak"
|
|
- "{{BaseURL}}/wp-login.php.bak"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
- type: word
|
|
words:
|
|
- "<?php"
|
|
- "<?="
|
|
condition: or
|
|
part: body
|
|
|
|
- type: word
|
|
words:
|
|
- "?>"
|
|
part: body
|
|
|
|
- type: word
|
|
words:
|
|
- "text/plain"
|
|
- "bytes"
|
|
part: header
|
|
condition: or |