private-key-exposure: Private key exposure via helper detector

漏洞描述

PoC代码[已公开]

id: private-key-exposure

info:
  name: Private key exposure via helper detector
  author: aashiq
  severity: high
  description: Searches for private key exposure by attempting to query the helper endpoint on node_modules
  metadata:
    max-request: 1
  tags: exposure,node,misconfig,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/node_modules/mqtt/test/helpers/"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Index of /node_modules/mqtt/test/helpers"
          - "Parent Directory"
        condition: and
# digest: 4b0a004830460221009507772f12bfed388757f3491783822e5b28fc08b4470d13cf57c130cd92ec62022100f12ccd0ae0e56674c05f2d8b8a17727ab2046e53475357ed214cf2be2cab10f6:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC wp-security-hidden-login-exposure: WordPress All-in-One Security <=4.4.1 - Hidden Login Page Exposure
• POC cockroachdb-unauth-exposure: CockroachDB Unauthenticated Console Exposure
• POC CVE-2021-40149: Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure
• POC CVE-2024-5936: PrivateGPT < 0.5.0 - Open Redirect
• POC CVE-2025-29925: XWiki REST API - Private Pages Disclosure
• POC rds-public-subnet: RDS Instance Private Subnet
• POC azure-openai-private-endpoints-unconfigured: Azure OpenAI Service Instances Not Using Private Endpoints
• POC azure-aks-use-private-kv: Azure AKS Encryption at Rest Not Using Private Key Vault
• POC azure-apim-nv-plaintext-exposure: Azure API Management Non-Encrypted Named Values Exposure
• POC azure-apim-public-access-disabled: Azure API Management Public Network Access Disabled with Private Endpoint
• POC azure-functionapp-public-exposure: Exposed Azure Functions
• POC avtech-dvr-exposure: Avtech AVC798HA DVR Information Exposure
• POC azure-storage-private-endpoint-unconfigured: Azure Storage Private Endpoint Not Configured