nuclei-templates/http/exposures/backups/sql-dump.yaml

56 lines
1.4 KiB
YAML

id: default-sql-dump
info:
name: MySQL - Dump Files
author: geeknik,dwisiswant0,ELSFA7110
severity: medium
description: A MySQL dump file was found
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: exposure,backup,mysql
http:
- method: GET
path:
- "{{BaseURL}}/1.sql"
- "{{BaseURL}}/backup.sql"
- "{{BaseURL}}/database.sql"
- "{{BaseURL}}/data.sql"
- "{{BaseURL}}/db_backup.sql"
- "{{BaseURL}}/dbdump.sql"
- "{{BaseURL}}/db.sql"
- "{{BaseURL}}/dump.sql"
- "{{BaseURL}}/{{Hostname}}.sql"
- "{{BaseURL}}/{{Hostname}}_db.sql"
- "{{BaseURL}}/localhost.sql"
- "{{BaseURL}}/mysqldump.sql"
- "{{BaseURL}}/mysql.sql"
- "{{BaseURL}}/site.sql"
- "{{BaseURL}}/sql.sql"
- "{{BaseURL}}/temp.sql"
- "{{BaseURL}}/translate.sql"
- "{{BaseURL}}/users.sql"
- "{{BaseURL}}/wp-content/uploads/dump.sql"
- "{{BaseURL}}/wp-content/mysql.sql"
headers:
Range: "bytes=0-3000"
max-size: 2000 # Size in bytes - Max Size to read from server response
matchers-condition: and
matchers:
- type: regex
regex:
- "(?m)(?:DROP|CREATE|(?:UN)?LOCK) TABLE|INSERT INTO"
part: body
- type: status
status:
- 200
- 206
condition: or
# Enhanced by mp on 2022/10/12