MySQL - Dump Files

ID: default-sql-dump

Severity: medium

Author: geeknik,dwisiswant0,ELSFA7110,mastercho

Tags: exposure,backup,mysql

Description

A MySQL dump file was found

YAML Source

id: default-sql-dump

info:
  name: MySQL - Dump Files
  author: geeknik,dwisiswant0,ELSFA7110,mastercho
  severity: medium
  description: A MySQL dump file was found
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    max-request: 21
  tags: exposure,backup,mysql

http:
  - method: GET
    path:
      - "{{BaseURL}}{{paths}}"
    payloads:
      paths:
        - "/1.sql"
        - "/backup.sql"
        - "/database.sql"
        - "/data.sql"
        - "/db_backup.sql"
        - "/dbdump.sql"
        - "/db.sql"
        - "/dump.sql"
        - "/{{Hostname}}.sql"
        - "/{{Hostname}}_db.sql"
        - "/localhost.sql"
        - "/mysqldump.sql"
        - "/mysql.sql"
        - "/site.sql"
        - "/sql.sql"
        - "/temp.sql"
        - "/translate.sql"
        - "/users.sql"
        - "/www.sql"
        - "/wp-content/uploads/dump.sql"
        - "/wp-content/mysql.sql"

    headers:
      Range: "bytes=0-3000"
    max-size: 2000 # Size in bytes - Max Size to read from server response

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "(?m)(?:DROP|CREATE|(?:UN)?LOCK) TABLE|INSERT INTO"
        part: body

      - type: status
        status:
          - 200
          - 206
        condition: or
# digest: 4a0a00473045022074f9a36964a29fab491f7139e17f58c8e1fbcb5a8c5a542537b4781369cdd1f00221009bc14fb5fb5e6914914212c43230fce45dedac2a50642e54d81639d93fd65a7c:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/exposures/backups/sql-dump.yaml"

View on Github