shellscripts: Public shellscripts

日期: 2025-08-01 | 影响软件: shellscripts | POC: 已公开

漏洞描述

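This template checks whether shell (bash) scripts are publicly exposed on a web server, i.e. returned as readable text to an unauthenticated GET request. Exposed build, deploy and backup scripts can disclose credentials, internal hostnames and other deployment details, so they should be kept outside the web root or blocked by the server configuration.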

PoC代码[已公开]

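# Nuclei HTTP template: requests a fixed list of common shell-script file names
# directly under the target's base URL and reports the ones that come back as
# script source. A hit means the file is readable without authentication;
# the usual remediation is to move such scripts out of the web root or deny
# requests for them in the server configuration.
id: shellscripts

info:
  name: Public shellscripts
  author: panch0r3d
  severity: low
  description: This template checks exposure of bash scripts.
  metadata:
    # One request is sent per entry in payloads.paths (27 entries); keep this
    # number in sync when the list changes.
    max-request: 27
  tags: bash,exposure,files,vuln

http:
  - method: GET
    path:
      # {{paths}} is substituted with each payload value below, one per request.
      - "{{BaseURL}}{{paths}}"
    payloads:
      paths:
        - "/.build.sh"
        - "/.jenkins.sh"
        - "/.travis.sh"
        - "/install.sh"
        - "/update.sh"
        - "/upload.sh"
        - "/config.sh"
        - "/build.sh"
        - "/setup.sh"
        - "/run.sh"
        - "/backup.sh"
        - "/compile.sh"
        - "/env.sh"
        - "/init.sh"
        - "/startup.sh"
        - "/wp-setup.sh"
        - "/deploy.sh"
        - "/aws.sh"
        - "/reminder.sh"
        - "/mysqlbackup.sh"
        - "/dev2local.sh"
        - "/local2dev.sh"
        - "/local2prod.sh"
        - "/prod2local.sh"
        - "/rsync.sh"
        - "/sync.sh"
        - "/test.sh"

    # All three matchers must hold for the same response.
    matchers-condition: and
    matchers:
      # Body must contain an interpreter (shebang) line for a *sh shell, e.g.
      # "#!/bin/sh", "#!/bin/bash -e" or "#!/usr/bin/env bash".
      # The earlier patterns ".*?bin.*?sh" / ".*?bin.*?bash" matched any line
      # where "bin" is followed by "sh" (the second was fully covered by the
      # first), so unrelated text/plain responses could be reported. Trade-off:
      # scripts without an interpreter line are no longer reported.
      # Single-quoted so the backslashes reach the regex engine unchanged.
      - type: regex
        part: body
        regex:
          - '(?m)^#![ \t]*/\S*bin/(?:env[ \t]+)?\w*sh\b'
        condition: or

      # Response headers must mention one of these content types. The match is
      # a substring search over the whole header block, not only Content-Type.
      - type: word
        part: header
        words:
          - "application/x-sh"
          - "text/plain"
          - "text/x-sh"
        condition: or

      # Only successful responses count; redirects and error pages are ignored.
      - type: status
        status:
          - 200
# NOTE(review): the digest below was issued for the original template text;
# an edited copy presumably no longer verifies against it and must be re-signed.
# digest: 4a0a0047304502206a3202db60253bd4e0599e1d8ceecda2a52ba3074c3489757e7c64a4561d6b26022100d0b6003a9c369b5e20070d6f183181b4c1413ccc304a606e409b9b1024c7dbee:922c64590222798bb761d5b6d8e72950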