config-rb: Ruby Configuration File - Detect

漏洞描述

PoC代码[已公开]

id: config-rb

info:
  name: Ruby Configuration File - Detect
  author: DhiyaneshDK
  severity: unknown
  description: Multiple Ruby configuration files were detected.
  metadata:
    verified: true
    max-request: 3
    shodan-query: html:"config.rb"
  tags: ruby,devops,exposure,config,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/config.rb"
      - "{{BaseURL}}/.chef/config.rb"
      - "{{BaseURL}}/assets/config.rb"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'images_dir'
          - 'css_dir'
        condition: and

      - type: status
        status:
          - 200
# digest: 490a0046304402207358f896e208480399e21a8f0f86d8078a2705dc43b27cae05469c345f6adfa502206cc9319d987e385a7b94794b8fe3b1b908c9d27df6dca10576b126f0cd109401:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• Windows PolicyConfiguration 计划任务特权提升漏洞(CVE-2025-60710)
• (CVE-2025-61884) Oracle配置器运行时UI未授权访问漏洞
• CVE-2019-16663: rConfig v3.9.2 RCE
• CVE-2019-3799: Spring Cloud Config Server Directory Traversal
• POC CVE-2001-0537: Cisco IOS HTTP Configuration - Authentication Bypass
• POC CVE-2018-10956: IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion
• POC CVE-2019-16662: rConfig 3.9.2 - Remote Code Execution
• POC CVE-2019-3799: Spring Cloud Config Server - Local File Inclusion
• POC CVE-2020-10220: rConfig 3.9 - SQL Injection
• POC CVE-2020-10546: rConfig 3.9.4 - SQL Injection
• POC CVE-2020-10547: rConfig 3.9.4 - SQL Injection
• POC CVE-2020-10548: rConfig 3.9.4 - SQL Injection
• POC CVE-2020-10549: rConfig <=3.9.4 - SQL Injection