nuclei-templates/exposures/configs/magento-config.yaml

31 lines
557 B
YAML

id: magento-config
info:
name: Magento Config Disclosure
author: geeknik
severity: medium
metadata:
shodan-query: http.component:"Magento"
tags: config,exposure,magento
requests:
- method: GET
path:
- "{{BaseURL}}/app/etc/local.xml"
- "{{BaseURL}}/store/app/etc/local.xml"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "text/xml"
part: header
- type: word
words:
- "Magento"
part: body