nuclei-templates/misconfiguration/wamp-xdebug-detect.yaml

20 lines
514 B
YAML

id: wamp-xdebug-detect
info:
name: WAMP xdebug
author: e_schultze_
severity: info
# Inspired on https://github.com/random-robbie/My-Shodan-Scripts/blob/1b01bceecc9be0b74b202f445874920eee48bba5/wamp-xdebug/wamp-xdebug.py
# Goal: detect if xdebug.remote_connect_back is enabled
requests:
- method: GET
path:
- "{{BaseURL}}/?phpinfo=-1"
matchers:
- type: word
words:
- 'xdebug.remote_connect_back</td><td class="v">On</td><td class="v">On</td>'
part: body