Closed geeknik closed 3 years ago
Thank you for creating this issue, this issue has been updated / fixed here https://github.com/projectdiscovery/nuclei-templates/commit/c762044d29bbd460cde04df8a771d6662205aaa6
@ehsandeep cves/2020/CVE-2020-10199.yaml
is marked executable. I only bring these up because they set off alarms on our box when new "executable" files are found in unexpected places.
@ehsandeep Some more "executable" files have snuck into the repo:
./workflows/weblogic-workflow.yaml
./misconfiguration/panasonic-network-management.yaml
./technologies/selea-ip-camera.yaml
./exposed-panels/network-camera-detect.yaml
./.new-additions
./takeovers/subdomain-takeover.yaml
@ehsandeep Another round of templates with incorrect "executable" permissions have appeared in the repo:
./exposures/configs/s3cmd-config.yaml
./exposed-tokens/slack/slack-webhook-token.yaml
./exposed-tokens/microsoft/microsoft-teams-webhook.yaml
./exposed-tokens/stripe/stripe-restricted-key.yaml
./exposed-tokens/stripe/stripe-secret-key.yaml
./exposed-tokens/cloudinary/cloudinary-credentials.yaml
./exposed-tokens/artifactory/artifactory-api-token.yaml
./exposed-tokens/artifactory/artifactory-api-password.yaml
./exposed-tokens/paypal/braintree-access-token.yaml
./exposed-tokens/picatic/picatic-api-key.yaml
./exposed-tokens/zapier/zapier-webhook-token.yaml
./exposed-tokens/generic/jdbc-connection-string.yaml
./exposed-tokens/bitly/bitly-secret-key.yaml
./exposed-tokens/google/oauth-access-key.yaml
./exposed-tokens/google/google-calendar-link.yaml
./exposed-tokens/zoho/zoho-webhook-token.yaml
./exposed-tokens/sonarqube/sonarqube-token.yaml
./exposed-tokens/amazon/amazon-sns-topic.yaml
./exposed-tokens/discord/discord-webhook.yaml
We receive alerts when new "executable" files appear on our Linux boxes. 👍🏻
Nuclei version
Nuclei template version
Describe the bug The following files are improperly marked as executable: