mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-06 02:33:22 +08:00
209538baa6
* info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
28 lines
729 B
YAML
28 lines
729 B
YAML
id: spring-framework-exceptions
|
|
|
|
info:
|
|
name: Spring Framework Exceptions
|
|
author: geeknik
|
|
severity: medium
|
|
description: Detects suspicious Spring framework exceptions that could indicate exploitation attempts
|
|
reference:
|
|
- https://docs.spring.io/spring-security/site/docs/current/apidocs/overview-tree.html
|
|
tags: file,logs,spring
|
|
|
|
file:
|
|
- extensions:
|
|
- all
|
|
|
|
extractors:
|
|
- type: regex
|
|
name: exception
|
|
part: body
|
|
regex:
|
|
- 'AccessDeniedException'
|
|
- 'CsrfException'
|
|
- 'InvalidCsrfTokenException'
|
|
- 'MissingCsrfTokenException'
|
|
- 'CookieTheftException'
|
|
- 'InvalidCookieException'
|
|
- 'RequestRejectedException'
|