nuclei-templates/http/exposures/files/django-secret-key.yaml

48 lines
1.2 KiB
YAML

id: django-secret-key
info:
name: Django Secret Key Exposure
author: geeknik,DhiyaneshDk
severity: high
description: The Django settings.py file containing a secret key was discovered. An attacker may use the secret key to bypass many security mechanisms and potentially obtain other sensitive configuration information (such as database password) from the settings file.
reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
metadata:
verified: true
shodan-query: html:settings.py
tags: django,exposure,files
http:
- method: GET
path:
- "{{BaseURL}}/settings.py"
- "{{BaseURL}}/app/settings.py"
- "{{BaseURL}}/django/settings.py"
- "{{BaseURL}}/settings/settings.py"
- "{{BaseURL}}/web/settings/settings.py"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "SECRET_KEY ="
- type: word
part: header
words:
- "text/html"
negative: true
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '"DJANGO_SECRET_KEY", "(.*)"'