漏洞描述
Detected exposed bash configuration on web servers that could have contained sensitive information such as credentials, API keys, database connection strings, or internal paths.
bash-config-exposure: Bash Configuration - Exposure
PoC代码[已公开]
id: bash-config-exposure
info:
name: Bash Configuration - Exposure
author: theamanrawat
severity: low
description: |
Detected exposed bash configuration on web servers that could have contained sensitive information such as credentials, API keys, database connection strings, or internal paths.
metadata:
verified: true
tags: exposure,config,misconfig,bash
http:
- method: GET
path:
- "{{BaseURL}}/.bashrc"
- "{{BaseURL}}/.bash_profile"
- "{{BaseURL}}/.profile"
- "{{BaseURL}}/.zshrc"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "usr/(local|bin)/"
- type: word
part: body
words:
- "export "
- "source "
- "if ["
- "then"
- "echo "
- "for "
- "do"
- "done"
condition: or
- type: word
part: body
words:
- "<html"
- "<!DOCTYPE"
- "404"
- "Not Found"
negative: true
- type: status
status:
- 200
# digest: 4a0a00473045022028096bded596e01d2da87e277b3c8f5c6e726325557aab2cf9c7e1b18418f152022100bd064f3f841639a513f97fdd48b0f08d14f036fe91d359b0efcd016bbfb5d437:922c64590222798bb761d5b6d8e72950