projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Home Page:https://github.com/projectdiscovery/nuclei

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

error log files Template

Elsfa7-110 opened this issue · comments

Template Information:

I discovered a bug in a program
error log file
in this path /error_log.txt
So I added it to https://github.com/projectdiscovery/nuclei-templates/blob/d6636f9169920d3ccefc692bc1a6136e2deb9205/exposures/logs/error-logs.yaml

Nuclei Template:

id: error-logs

info:
  name: common error log files
  author: geeknik,daffainfo,ELSFA7110
  severity: low
  tags: logs,exposure,error

requests:
  - method: GET
    path:
      - "{{BaseURL}}/routes/error_log"
      - "{{BaseURL}}/error_log.txt"
      - "{{BaseURL}}/config/error_log"
      - "{{BaseURL}}/error_log"
      - "{{BaseURL}}/errors_log"
      - "{{BaseURL}}/logs/error.log"
      - "{{BaseURL}}/logs/errors.log"
      - "{{BaseURL}}/log/error.log"
      - "{{BaseURL}}/log/errors.log"
      - "{{BaseURL}}/errors/errors.log"
      - "{{BaseURL}}/error/error.log"
      - "{{BaseURL}}/errors.log"
      - "{{BaseURL}}/error.log"
      - "{{BaseURL}}/error.txt"
      - "{{BaseURL}}/errors.txt"
      - "{{BaseURL}}/admin/logs/error.log"
      - "{{BaseURL}}/admin/logs/errors.log"
      - "{{BaseURL}}/admin/log/error.log"
      - "{{BaseURL}}/admin/error.log"
      - "{{BaseURL}}/admin/errors.log"
      - "{{BaseURL}}/{{Hostname}}/error.log"
      - "{{BaseURL}}/{{Hostname}}/errors.log"
      - "{{BaseURL}}/MyErrors.log"
      - "{{BaseURL}}/log.txt"
      - "{{BaseURL}}/logs.txt"
      - "{{BaseURL}}/log.log"
      - "{{BaseURL}}/application/logs/application.log"
      - "{{BaseURL}}/application/logs/default.log"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Segmentation Fault"
          - "coredump"
          - "script headers"
          - "Broken pipe"
          - "Array"
          - "Exception"
          - "Fatal"
        condition: or

      - type: word
        words:
          - text/plain
        part: header

      - type: status
        status:
          - 200