49 lines
1.2 KiB
YAML
49 lines
1.2 KiB
YAML
id: django-secret-key
|
|
|
|
info:
|
|
name: Django Secret Key Exposure
|
|
author: geeknik,DhiyaneshDk
|
|
severity: high
|
|
description: The Django settings.py file containing a secret key was discovered. An attacker may use the secret key to bypass many security mechanisms and potentially obtain other sensitive configuration information (such as database password) from the settings file.
|
|
reference: https://docs.gitguardian.com/secrets-detection/detectors/specifics/django_secret_key
|
|
metadata:
|
|
max-request: 5
|
|
verified: true
|
|
shodan-query: html:settings.py
|
|
tags: django,exposure,files
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/settings.py"
|
|
- "{{BaseURL}}/app/settings.py"
|
|
- "{{BaseURL}}/django/settings.py"
|
|
- "{{BaseURL}}/settings/settings.py"
|
|
- "{{BaseURL}}/web/settings/settings.py"
|
|
|
|
stop-at-first-match: true
|
|
matchers-condition: and
|
|
matchers:
|
|
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "SECRET_KEY ="
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "text/html"
|
|
negative: true
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
group: 1
|
|
regex:
|
|
- '"DJANGO_SECRET_KEY", "(.*)"'
|