projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.
https://github.com/projectdiscovery/nuclei
MIT License

[Bug] Improper file permissions, templates marked as executable #753

Closed geeknik closed 3 years ago

geeknik commented 3 years ago

Nuclei version

2.2.1-dev

Nuclei template version

latest git commit

Describe the bug

The following files are improperly marked as executable:

root@box ~/nuclei-templates# find . -maxdepth 20 -perm -111 -type f
./misconfiguration/airflow-api-exposure.yaml
./vulnerabilities/other/acme-xss.yaml
./vulnerabilities/other/yarn-resourcemanager-rce.yaml
./exposures/configs/symfony-database-config.yaml
./exposures/configs/airflow-configuration-exposure.yaml
./exposures/configs/amazon-docker-config-disclosure.yaml
./exposures/configs/ansible-config-disclosure.yaml
./exposures/configs/perl-status.yaml
./exposed-tokens/mailchimp/mailchimp-api-key.yaml
./exposed-tokens/aws/aws-access-key-value.yaml
./exposed-tokens/aws/amazon-mws-auth-token-value.yaml
./exposed-tokens/google/google-api-key.yaml
./default-logins/ofbiz/ofbiz-default-credentials.yaml
./default-logins/zabbix/zabbix-default-credentials.yaml
./default-logins/ambari/ambari-default-credentials.yaml
./exposed-panels/kafka-monitoring.yaml
./exposed-panels/flink-exposure.yaml
./exposed-panels/airflow-exposure.yaml
./exposed-panels/couchdb-fauxton.yaml
./exposed-panels/exposed-pagespeed-global-admin.yaml
./exposed-panels/zipkin-exposure.yaml
./exposed-panels/kafka-connect-ui.yaml
./exposed-panels/selenoid-ui-exposure.yaml
./exposed-panels/activemq-panel.yaml
./exposed-panels/yarn-manager-exposure.yaml
./exposed-panels/solr-exposure.yaml
./exposed-panels/kafka-topics-ui.yaml
./exposed-panels/druid-console-exposure.yaml
./exposed-panels/hadoop-exposure.yaml
./exposed-panels/active-admin-exposure.yaml
./exposed-panels/setup-page-exposure.yaml
./exposed-panels/rocketmq-console-exposure.yaml
./exposed-panels/couchdb-exposure.yaml

ehsandeep commented 3 years ago

Thank you for creating this issue; it has been updated / fixed here: https://github.com/projectdiscovery/nuclei-templates/commit/c762044d29bbd460cde04df8a771d6662205aaa6

geeknik commented 3 years ago

@ehsandeep cves/2020/CVE-2020-10199.yaml is marked executable. I only bring these up because they set off alarms on our box when new "executable" files are found in unexpected places.

geeknik commented 3 years ago

@ehsandeep Some more "executable" files have snuck into the repo:

./workflows/weblogic-workflow.yaml
./misconfiguration/panasonic-network-management.yaml
./technologies/selea-ip-camera.yaml
./exposed-panels/network-camera-detect.yaml
./.new-additions
./takeovers/subdomain-takeover.yaml

geeknik commented 3 years ago

@ehsandeep Another round of templates with incorrect "executable" permissions has appeared in the repo:

./exposures/configs/s3cmd-config.yaml
./exposed-tokens/slack/slack-webhook-token.yaml
./exposed-tokens/microsoft/microsoft-teams-webhook.yaml
./exposed-tokens/stripe/stripe-restricted-key.yaml
./exposed-tokens/stripe/stripe-secret-key.yaml
./exposed-tokens/cloudinary/cloudinary-credentials.yaml
./exposed-tokens/artifactory/artifactory-api-token.yaml
./exposed-tokens/artifactory/artifactory-api-password.yaml
./exposed-tokens/paypal/braintree-access-token.yaml
./exposed-tokens/picatic/picatic-api-key.yaml
./exposed-tokens/zapier/zapier-webhook-token.yaml
./exposed-tokens/generic/jdbc-connection-string.yaml
./exposed-tokens/bitly/bitly-secret-key.yaml
./exposed-tokens/google/oauth-access-key.yaml
./exposed-tokens/google/google-calendar-link.yaml
./exposed-tokens/zoho/zoho-webhook-token.yaml
./exposed-tokens/sonarqube/sonarqube-token.yaml
./exposed-tokens/amazon/amazon-sns-topic.yaml
./exposed-tokens/discord/discord-webhook.yaml

We receive alerts when new "executable" files appear on our Linux boxes. 👍🏻
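
A repository-side check for the condition reported in this thread, as an added example that is not part of the issue or the project's own tooling: it reads the file modes git stores in its index (`git ls-files -s`) and lists entries recorded as `100755` that are not expected to be executable, so the bit can be caught before it reaches a checkout. The function names, the `*.sh` allowlist and the sample index lines are assumptions made for illustration.

```shell
#!/bin/sh
# Report tracked files whose git index mode is 100755 (executable) although
# they are data files such as YAML templates. Usable as a CI or pre-commit gate.

TAB=$(printf '\t')

# Constructed sample of `git ls-files -s` output: "<mode> <blob> <stage>TAB<path>".
# The blob id is git's empty-blob hash, used only as filler. scripts/update.sh
# and "docs/my notes.yaml" are hypothetical paths.
B=e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
SAMPLE_INDEX=$(printf '%s\t%s\n' \
  "100755 $B 0" 'exposed-panels/solr-exposure.yaml' \
  "100644 $B 0" 'README.md' \
  "100755 $B 0" '.new-additions' \
  "100755 $B 0" 'scripts/update.sh' \
  "100755 $B 0" 'docs/my notes.yaml')

# Reads `git ls-files -s` lines on stdin and prints every path stored with
# mode 100755 that does not match the allowlist glob in $1 (default '*.sh',
# an assumption about which files may legitimately be executable).
# The body runs in a subshell so its variables stay local.
unexpected_exec() (
  allow=${1:-*.sh}
  while IFS=$TAB read -r meta path; do
    [ "${meta%% *}" = 100755 ] || continue   # first field is the mode
    case $path in $allow) continue ;; esac    # allowlisted script
    printf '%s\n' "$path"
  done
)

# Runs the check against the repository in the current directory and
# returns non-zero when an unexpected executable entry is tracked.
check_repo() {
  hits=$(git ls-files -s | unexpected_exec "$@")
  [ -z "$hits" ] && return 0
  printf 'unexpected executable bit:\n%s\n' "$hits" >&2
  printf 'clear it with: git update-index --chmod=-x -- <path>\n' >&2
  return 1
}

# Demo on the constructed sample: prints the three non-script paths.
printf '%s\n' "$SAMPLE_INDEX" | unexpected_exec
```

Checking the index rather than the working tree reports what every clone will receive, independent of the local umask or filesystem.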