smtp-credentials-exposure: SMTP Credentials Exposure - Detection

Date: 2026-01-08 | Affected software: smtp credentials exposure | PoC: public

Vulnerability description

Detects exposed SMTP credentials (username and password) in a webpage's HTML or JavaScript source code.

PoC code [public]

id: smtp-credentials-exposure

info:
  name: SMTP Credentials Exposure - Detection
  author: pussycat0x
  severity: high
  description: |
    Detects exposed SMTP credentials (username and password) in a webpage's HTML or JavaScript source code.
  metadata:
    verified: true
    shodan-query: html:"smtp_password"
    max-request: 1
  tags: exposure,smtp,config,credentials

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    host-redirects: true
    max-redirects: 2

    matchers:
      - type: dsl
        dsl:
          - contains_all(body, "smtp_username","smtp_password")
          - status_code == 200
        condition: and

    extractors:
      - type: regex
        part: body
        name: username
        group: 1
        regex:
          # capture group added so that "group: 1" has something to return
          - 'smtp_username":"([^"]*)"'
          - <smtp_username>(.*)</smtp_username>
        internal: true

      - type: regex
        part: body
        name: password
        group: 1
        regex:
          # capture group added so that "group: 1" has something to return
          - 'smtp_password":"([^"]*)"'
          - <smtp_password>(.*)</smtp_password>
        internal: true

      - type: dsl
        dsl:
          - '"Username: "+ username'
          - '"PASSWORD: "+ password'
# digest: 490a0046304402202cb049b5f52df354b3b8a92dc1aed3f15fd5cf8c7f9cb6c48f16e7cdde944969022009e24315e10743321e449ea7af881f5015c80179ab277ccd1fbe0b4da208a86e:922c64590222798bb761d5b6d8e72950
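
An added example, not part of the template or the project: a Python check that applies the same matcher and extractor logic to responses from your own site, for instance in CI against a staging build. It goes slightly beyond the template by tolerating whitespace around the JSON colon, redacting the password in the finding, and flagging bodies where both key names appear but no value can be extracted. The function names and sample bodies are constructed for illustration.

```python
import re

# The two encodings the template looks for: a JSON-style pair and an XML element.
PATTERNS = {
    "username": [r'smtp_username"\s*:\s*"([^"]*)"', r"<smtp_username>(.*?)</smtp_username>"],
    "password": [r'smtp_password"\s*:\s*"([^"]*)"', r"<smtp_password>(.*?)</smtp_password>"],
}

def first_match(body, patterns):
    """Return capture group 1 of the first pattern that matches, else None."""
    for pattern in patterns:
        m = re.search(pattern, body)
        if m:
            return m.group(1)
    return None

def scan_body(status_code, body):
    """Return a finding dict, or None when the response does not match."""
    # Matcher: HTTP 200 and both key names present (the template's dsl block).
    if status_code != 200 or not all(k in body for k in ("smtp_username", "smtp_password")):
        return None
    user = first_match(body, PATTERNS["username"])
    pwd = first_match(body, PATTERNS["password"])
    return {
        "username": user,
        # Report only the length so the secret is not copied into CI logs.
        "password": None if pwd is None else f"<redacted, {len(pwd)} chars>",
        # Key names without values (e.g. form field names) need a human look.
        "needs_review": user is None or pwd is None,
    }

# Constructed sample responses.
JSON_BODY = ('<script>var cfg = {"smtp_host":"mail.example.test",'
             '"smtp_username":"mailer@example.test",'
             '"smtp_password":"S3cr3t-constructed"};</script>')
XML_BODY = ("<config><smtp_username>mailer</smtp_username>"
            "<smtp_password>hunter2-constructed</smtp_password></config>")
FORM_BODY = '<input name="smtp_username"><input type="password" name="smtp_password">'

if __name__ == "__main__":
    for label, body in (("json", JSON_BODY), ("xml", XML_BODY), ("form", FORM_BODY)):
        print(label, scan_body(200, body))
```

A finding with `needs_review` set means the matcher condition was met without a credential value being present, which is the main false-positive case for a `contains_all` match on key names alone.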
