nuclei-templates/file/audit/pfsense/configure-session-timeout.yaml

id: configure-session-timeout

info:
  name: Configure Sessions Timeout
  author: pussycat0x
  severity: info
  description: |
    Indefinite or even long session timeout window increase the risk of attackers abusing abandoned sessions.    
  reference: |
    https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html    
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file

file:
  - extensions:
      - xml

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<session_timeout>"
          - "<session_timeout>0</session_timeout>"
        condition: or
        negative: true

      - type: word
        words:
          - "<pfsense>"
          - "<webgui>"
          - "<system>"
        condition: and