deployment-ini: FTP Deployment Config File - Exposure

Date: 2025-08-01 | Affected software: deployment ini | POC: public

Vulnerability description

The config file for the "FTP deployment" utility usually contains the server's FTP credentials in plain text.

PoC code [public]

id: deployment-ini

info:
  name: FTP Deployment Config File - Exposure
  author: Michal Mikolas (nanuqcz)
  severity: medium
  description: |
    Config file for "FTP deployment" utility usually contains server's FTP credentials in plain text.
  remediation: |
    Delete the config file from server & add it to `ignore` section of the deployment file. Or block access to the file using `.htaccess` on the server.
  reference:
    - https://github.com/dg/ftp-deployment
  metadata:
    max-request: 12
    vendor: dg
    product: "ftp-deployment"
  tags: config,exposure,dg,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}{{paths}}"
    payloads:
      paths:
        - "/deployment.ini"
        - "/deploy.ini"
        - "/production.ini"
        - "/prod.ini"
        - "/deployment.production.ini"
        - "/deployment.prod.ini"
        - "/deploy.production.ini"
        - "/deploy.prod.ini"
        - "/server.ini"
        - "/ftp.ini"
        - "/ftps.ini"
        - "/sftp.ini"

    stop-at-first-match: true

    matchers:
      - type: regex
        regex:
          - "^remote\\s*=\\s*"
          - '^\[(.*?)\]$'
        condition: and
# digest: 4b0a00483046022100f60b578b6f2487bf414be9fa5b6c83d479cb336bc18ba31b26c6ad5f5bbe6c8b022100fe77789c7df63752d947d1c4911faa7e2912e30fcda1053b6ae595171ac42176:922c64590222798bb761d5b6d8e72950
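The following is an added example, not part of the template above or of the ftp-deployment project. It reuses the template's two matcher regexes to classify a response body the way the template does, and adds the defender-side check the remediation asks for: a small parser for the ftp-deployment INI dialect (assumed from the project README: `[sections]`, `key = value`, `;` comments, multi-line values wrapped in double quotes) that reports remotes with an embedded password and targets whose `ignore` list would still upload the config file itself. The sample config, host and credentials are constructed.

```python
import re
from fnmatch import fnmatch
from urllib.parse import urlsplit

# The template's two matchers; it fires only when both match (condition: and).
REMOTE_RE = re.compile(r"^remote\s*=\s*", re.M)
SECTION_RE = re.compile(r"^\[(.*?)\]$", re.M)

def looks_like_deployment_ini(body: str) -> bool:
    """True when a response body satisfies both template matchers."""
    return bool(REMOTE_RE.search(body) and SECTION_RE.search(body))

def parse_deployment_ini(text: str) -> dict:
    """Minimal parser for the ftp-deployment INI dialect (assumed from its README):
    [sections], key = value, ';' comments, multi-line values wrapped in quotes."""
    sections, current, key, buf = {}, "(global)", None, None
    for raw in text.splitlines():
        line = raw.strip()
        if buf is not None:                   # inside a quoted multi-line value
            if line == '"':
                sections.setdefault(current, {})[key], buf = "\n".join(buf), None
            else:
                buf.append(line)
        elif line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
        elif line and not line.startswith(";") and "=" in line:
            k, v = (part.strip() for part in line.split("=", 1))
            if v == '"':                      # opening quote of a multi-line value
                key, buf = k, []
            else:
                sections.setdefault(current, {})[k] = v.strip('"')
    return sections

def audit(text: str, config_name: str = "deployment.ini") -> list:
    """Pre-deploy check: flag remotes that embed a password and targets whose
    ignore list would still upload the config file itself."""
    findings = []
    for name, kv in parse_deployment_ini(text).items():
        remote = kv.get("remote", "")
        if urlsplit(remote).password:
            findings.append(f"{name}: password embedded in remote")
        patterns = [p for p in kv.get("ignore", "").split("\n") if p]
        if remote and not any(fnmatch(config_name, p) or fnmatch("/" + config_name, p) for p in patterns):
            findings.append(f"{name}: {config_name} is not in the ignore list")
    return findings

# Constructed sample config; host, user and password are invented.
SAMPLE = '[site]\nremote = ftp://deploy:S3cret@ftp.example.com/www\nignore = "\n    .git*\n    /log\n"\n'
```

Running `audit(SAMPLE)` reports both problems; adding `/deployment.*` to the `ignore` block and keeping the password out of the `remote` URL clears them.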