basic-auth-creds: Basic Authorization Credentials Check

日期: 2025-08-01 | 影响软件: basic-auth-creds | POC: 已公开

漏洞描述

Basic authorization credentials check was conducted.

PoC代码[已公开]

id: basic-auth-creds

info:
  name: Basic Authorization Credentials Check
  author: gaurang
  severity: high
  description: Basic authorization credentials check was conducted.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cwe-id: CWE-200
  tags: file,keys,token,auth
file:
  - extensions:
      - all

    extractors:
      - type: regex
        regex:
          - "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\"'\\s]"

# Enhanced by md on 2023/05/04
# digest: 4a0a00473045022100adab349203f3598a0410c8f3c1001334e81f7234bdc2a08b635ac94e1235f58b022058d28c28d56d9c932f402b4e1b8eb2288a650b28dcdf417ca5e93efae90b402e:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./file/keys/credentials.yaml