19 lines
410 B
YAML
19 lines
410 B
YAML
id: CVE-2019-11248
|
|
|
|
info:
|
|
name: exposed_pprof
|
|
author: 0xceeb
|
|
severity: medium
|
|
|
|
# https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0
|
|
# http://mmcloughlin.com/posts/your-pprof-is-showing
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/debug/pprof/"
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "Types of profiles available:"
|
|
- "Profile Descriptions" |