漏洞描述
Detected exposed .python_history files on web servers.These files contained Python REPL command history that could have leaked sensitive information such as credentials, API keys, internal paths, database queries, and system commands.
python-history-disclosure: Python History File Disclosure
PoC代码[已公开]
id: python-history-disclosure
info:
name: Python History File Disclosure
author: pussycat0x
severity: low
description: |
Detected exposed .python_history files on web servers.These files contained Python REPL command history that could have leaked sensitive information such as credentials, API keys, internal paths, database queries, and system commands.
classification:
cwe-id: CWE-538
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
metadata:
max-request: 1
verified: true
tags: exposure,python,config,misconfig
http:
- method: GET
path:
- "{{BaseURL}}/.python_history"
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_any(body, "import ", "from ", "print(", "def ", "class ", ">>>", "exit()", "quit()", "pip install", "python -")'
- 'contains_all(header, "application/octet-stream", "Server: SimpleHTTP")'
condition: and
# digest: 490a0046304402200e87aa175f7b282c098dc257074143268bc786cc464d8a461e0d2f60f6dd3e6f022028475c9f3d110637fa6cafcaee91ba4d1afb4d04b516a4c006f0746cdd95912f:922c64590222798bb761d5b6d8e72950