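id: x-backend-server-header-detect

info:
  name: X-Backend-Server Header - Exposure
  author: pussycat0x
  severity: low
  description: |
    Detected that the website returned the X-Backend-Server header, which included potentially internal or hidden IP addresses or hostnames. By exposing these values, attackers might have attempted to circumvent security proxies and access these hosts directly.
  remediation: disable revealing the X-Backend-Server header value.
  reference:
    - https://docs.gitlab.com/user/application_security/dast/browser/checks/16.4/
    - https://www.zaproxy.org/docs/alerts/10039/
  metadata:
    verified: true
    max-request: 1
    shodan-query: "X-Backend-Server"
  tags: headers,misconfig,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/en"

    matchers:
      # Header names are case-insensitive on the wire (RFC 9110), so a server
      # emitting "x-backend-server" must still be flagged.
      - type: word
        part: header
        case-insensitive: true
        words:
          - "X-Backend-Server"

    extractors:
      # Pull the disclosed backend host out of the header value so the finding
      # shows what was exposed. (?i) mirrors the matcher's case handling and
      # \s* tolerates optional whitespace after the colon.
      - type: regex
        part: header
        name: hostname
        group: 1
        regex:
          - '(?i)X-Backend-Server:\s*([A-Za-z0-9.-]+)'

# NOTE(review): the digest below is a signature over the template content; it
# has to be regenerated with the project's signing tooling after any edit.
# digest: 4a0a00473045022100af20a9ac0db7e1343fae75521798cda74c5eb0f56f998aa4397e124efc662966022061001162e755607ae1a896e664c949f13dd8c5e77d96a66a50186cb06bd1f0d1:922c64590222798bb761d5b6d8e72950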