error-logs: Common Error Log Files

日期: 2025-08-01 | 影响软件: error-logs | POC: 已公开

漏洞描述

Error log files were exposed.

PoC代码[已公开]

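# Detection template: reports web-reachable error log files so they can be
# moved out of the document root or access-restricted.
# NOTE(review): the "# digest:" line at the end of this file was presumably
# computed over the upstream template text; local edits (comments included)
# likely invalidate it, so re-sign before relying on signature verification.
id: error-logs

info:
  name: Common Error Log Files
  author: geeknik,daffainfo,ELSFA7110,Hardik-Solanki
  severity: low
  description: |
    Error log files were exposed. Logs served to unauthenticated visitors can
    disclose file-system paths, stack traces, query text, software versions
    and occasionally credentials or session data.
  remediation: |
    Write logs outside the web root or deny HTTP access to log files in the
    web server configuration. Review any log that was exposed for secrets
    and rotate those that appear in it.
  metadata:
    # One request per entry in the paths payload below (29 entries).
    max-request: 29
  tags: logs,exposure,error,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}{{paths}}"
    payloads:
      # Candidate log locations, each appended to the base URL in turn.
      paths:
        - "/php_errors.log"
        - "/MyErrors.log"
        - "/admin/error.log"
        - "/admin/errors.log"
        - "/admin/log/error.log"
        - "/admin/logs/error.log"
        - "/admin/logs/errors.log"
        - "/application/logs/application.log"
        - "/application/logs/default.log"
        - "/config/error_log"
        - "/error.log"
        - "/error.txt"
        - "/error/error.log"
        - "/error_log"
        - "/error_log.txt"
        - "/errors.log"
        - "/errors.txt"
        - "/errors/errors.log"
        - "/errors_log"
        - "/log.log"
        - "/log.txt"
        - "/log/error.log"
        - "/log/errors.log"
        - "/logs.txt"
        - "/logs/error.log"
        - "/logs/errors.log"
        - "/routes/error_log"
        - "/{{Hostname}}/error.log"
        - "/{{Hostname}}/errors.log"

    # Only the first matching path is reported per target; other listed
    # locations may be exposed as well, so remediation should cover them all.
    stop-at-first-match: true

    # All three matchers below must hold for a finding.
    matchers-condition: and
    matchers:
      # Body must contain at least one error-log keyword.
      # NOTE(review): "Array", "Exception" and "Fatal" are generic tokens; any
      # plain-text 200 response containing one of them matches, so confirm
      # hits manually before filing them.
      - type: word
        part: body
        words:
          - "Segmentation Fault"
          - "coredump"
          - "script headers"
          - "Broken pipe"
          - "Array"
          - "Exception"
          - "Fatal"
          - "FastCGI sent in stderr"
        condition: or

      # Response headers must indicate a raw file rather than a rendered page.
      - type: word
        part: header
        words:
          - text/plain
          - application/octet-stream
        condition: or

      # Excludes error pages and redirects.
      - type: status
        status:
          - 200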
# digest: 4b0a004830460221009832cd90c11a2d5c5883497606e367e3d0edd342d9c3e18fa2f935bcf0043e9f022100de53f193116e9bd053d21929adbb260f1d35420e8a70d5adf32f8dfa82fbe81f:922c64590222798bb761d5b6d8e72950