jdbc-connection-string: JDBC Connection String Disclosure

日期: 2025-08-01 | 影响软件: jdbc-connection-string | POC: 已公开

漏洞描述

PoC代码[已公开]

id: jdbc-connection-string

info:
  name: JDBC Connection String Disclosure
  author: Ice3man
  severity: unknown
  metadata:
    max-request: 1
  tags: exposure,token,generic,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - 'jdbc:[a-z:]+://[A-Za-z0-9\.\-_:;=/@?,&]+'
# digest: 4a0a0047304502210080a88bf7189df88254565167a7eff9885f0510a8203b7be3e5d87be5a53ce5d5022041648d6289149f6aa2fc192d998d7abd522e71c309d8079600d6f51bba2d0e4e:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/exposures/tokens/generic/jdbc-connection-string.yaml