nuclei-templates/misconfiguration/laravel-debug-infoleak.yaml

51 lines
1.2 KiB
YAML

id: laravel-debug-infoleak
info:
name: Laravel Debug Info Leak
author: pwnhxl
severity: medium
description: |
This template can be used to detect a Laravel debug information leak by making a POST-based request.
reference:
- https://github.com/dem0ns/improper/blob/master/laravel/5_debug/1.png
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cvss-score: 6.5
cwe-id: CWE-215
metadata:
verified: "true"
shodan-query: Laravel-Framework
fofa-query: app="Laravel-Framework"
tags: misconfig,laravel,debug,infoleak
requests:
- raw:
- |
POST / HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'vendor/laravel/framework/src/Illuminate/'
- 'MethodNotAllowedHttpException'
condition: and
- type: word
part: body
words:
- 'DB_PASSWORD'
- 'REDIS_PASSWORD'
- 'MAIL_PASSWORD'
- 'ALIYUN_ACCESSKEYSECRET'
- 'ALIYUN_ACCESSKEYID'
- 'SMS_AUTH_TOKEN'
- 'APP_KEY'
condition: or
- type: status
status:
- 405