mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
57 lines
1.7 KiB
YAML
57 lines
1.7 KiB
YAML
id: mixed-active-content
|
|
|
|
info:
|
|
name: Mixed Active Content
|
|
author: Liwermor
|
|
severity: info
|
|
description: |
|
|
This check detects if there are any active content loaded over HTTP instead of HTTPS.
|
|
reference:
|
|
- https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content
|
|
- https://portswigger.net/kb/issues/01000400_mixed-content
|
|
- https://resources.infosecinstitute.com/topics/vulnerabilities/https-mixed-content-vulnerability/
|
|
- https://docs.gitlab.com/ee/user/application_security/dast/checks/319.1.html
|
|
metadata:
|
|
max-request: 1
|
|
tags: misconfig,vuln
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}"
|
|
|
|
matchers-condition: and
|
|
max-redirects: 0
|
|
matchers:
|
|
- type: regex
|
|
part: body
|
|
negative: true
|
|
regex:
|
|
- "(?mi)<!--\\[if (lt|lte) IE [0-9]*\\]>\\s*<script[^>]*\\ssrc=\"http://"
|
|
|
|
- type: regex
|
|
part: body
|
|
negative: true
|
|
regex:
|
|
- "<!--\\s*<script"
|
|
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "<script[^>]*src=['\"]http://[^'\">]+['\"]"
|
|
- "<iframe[^>]*src=['\"]http://[^'\">]+['\"]"
|
|
- "<object[^>]*data=['\"]http://[^'\">]+['\"]"
|
|
|
|
- type: dsl
|
|
dsl:
|
|
- 'startswith(tostring(BaseURL), "https://")'
|
|
|
|
extractors:
|
|
- type: regex
|
|
group: 1
|
|
part: body
|
|
regex:
|
|
- "<script[^>]*src=['\"](http[^s'\">][^'\">]*)['\"]"
|
|
- "<iframe[^>]*src=['\"](http[^s'\">][^'\">]*)['\"]"
|
|
- "<object[^>]*data=['\"](http[^s'\">][^'\">]*)['\"]"
|
|
# digest: 4b0a004830460221009b0b9daf144014e4435db3baf5347c71288ca7eed79471973f195b73fbe53bfa022100e25e8f9bc909f8e24e3acf57ac485f1929d2758c3fbe78cd1fbdf40c1f8cb992:922c64590222798bb761d5b6d8e72950 |