Common Python file exposures.bcheck
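metadata:
    language: v1-beta
    name: "Common Python file exposures."
    description: "Checks whether Python dependency manifests (Pipfile, pyproject.toml, Pipfile.lock) are served from the directory of the current request. A 200 response alone is not reported; the body must also contain markers characteristic of the expected file."
    author: "DemonGod"
    tags: "python", "file", "exposure"

run for each:
    potential_path =
        "Pipfile",
        "pyproject.toml",
        "Pipfile.lock"

given request then
    send request called check:
        method: "GET"
        replacing path: `{regex_replace({regex_replace({base.request.url},"^.*?\/.*?\/.*?\/","/")},"([^/]+)$", "")}{potential_path}`

    if {check.response.status_code} is "200" then
        if "[[source]]" in {check.response.body} or "[packages]" in {check.response.body} or "[dev-packages]" in {check.response.body} then
            report issue:
                severity: low
                confidence: firm
                detail: `Python Pipfile exposed at {check.response.url}`
        else if "[tool.poetry]" in {check.response.body} or "[tool.poetry.dependencies]" in {check.response.body} or "[tool.poetry.dev-dependencies]" in {check.response.body} then
            report issue:
                severity: low
                confidence: firm
                detail: `Python pyproject.toml exposed at {check.response.url}`
        else if "pipfile-spec" in {check.response.body} and "requires" in {check.response.body} then
            report issue:
                severity: low
                confidence: firm
                detail: `Python Pipfile.lock exposed at {check.response.url}`
        end if
    end if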