Credit and Debit Card Number - Detection
ID: credit-card-number-detect
Severity: medium
Author: spiderSilk,morsy,geeknik
Tags: credit,debit,card,payment,security,pci
Description
This template is designed to identify the presence of credit or debit card numbers exposed within web pages, APIs, or other application responses. It searches for patterns matching card numbers using regular expressions aligned with common card formats, including Visa, MasterCard, American Express, and Discover cards. Detecting exposed card information can help identify potential compliance issues with standards like PCI DSS and mitigate risks of data leaks.
YAML Source
id: credit-card-number-detect

info:
  name: Credit and Debit Card Number - Detection
  author: spiderSilk,morsy,geeknik
  severity: medium
  description: |
    This template is designed to identify the presence of credit or debit card numbers exposed within web pages, APIs, or other application responses. It searches for patterns matching card numbers using regular expressions aligned with common card formats, including Visa, MasterCard, American Express, and Discover cards. Detecting exposed card information can help identify potential compliance issues with standards like PCI DSS and mitigate risks of data leaks.
  reference:
    - https://www.tenable.com/plugins/was/98129
    - https://en.wikipedia.org/wiki/Payment_card_number
    - https://stackoverflow.com/questions/9315647/regex-credit-card-number-tests
  tags: credit,debit,card,payment,security,pci

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "\\b4[0-9]{12}(?:[0-9]{3})?\\b" # Visa
          - "\\b3[47][0-9]{13}\\b" # American Express
          - "\\b5[1-5][0-9]{14}\\b|\\b(222[1-9]|22[3-9]\\d|2[3-6]\\d{2}|27[0-1]\\d|2720)[0-9]{12}\\b" # MasterCard
          - "\\b65[4-9][0-9]{13}|64[4-9][0-9]{13}|6011[0-9]{12}|(622(?:12[6-9]|1[3-9][0-9]|[2-8][0-9][0-9]|9[01][0-9]|92[0-5])[0-9]{10})\\b" # Discover
          - "\\b(5018|5020|5038|6304|6759|6761|6763)[0-9]{8,15}\\b" # Maestro
          - "\\b62[0-9]{14,17}\\b" # UnionPay
          - "\\b3(?:0[0-5]|[68][0-9])[0-9]{11}\\b" # Diners Club
          - "\\b(?:2131|1800|35\\d{3})\\d{11}\\b" # JCB
        condition: or

      - type: status
        status:
          - 200

      - type: word
        part: body
        words:
          - "credit card"
          - "card number"
          - "expiry date"
          - "cvv"
          - "cardholder"
        condition: or

      - type: word
        part: body
        words:
          - "<h1>Access Denied</h1>"
          - "The requested URL was rejected"
        condition: or
        negative: true

    extractors:
      - type: regex
        name: creditcard
        regex:
          - "\\b4[0-9]{12}(?:[0-9]{3})?\\b" # Visa
          - "\\b3[47][0-9]{13}\\b" # American Express
          - "\\b5[1-5][0-9]{14}\\b|\\b(222[1-9]|22[3-9]\\d|2[3-6]\\d{2}|27[0-1]\\d|2720)[0-9]{12}\\b" # MasterCard
          - "\\b65[4-9][0-9]{13}|64[4-9][0-9]{13}|6011[0-9]{12}|(622(?:12[6-9]|1[3-9][0-9]|[2-8][0-9][0-9]|9[01][0-9]|92[0-5])[0-9]{10})\\b" # Discover
          - "\\b(5018|5020|5038|6304|6759|6761|6763)[0-9]{8,15}\\b" # Maestro
          - "\\b62[0-9]{14,17}\\b" # UnionPay
          - "\\b3(?:0[0-5]|[68][0-9])[0-9]{11}\\b" # Diners Club
          - "\\b(?:2131|1800|35\\d{3})\\d{11}\\b" # JCB
# digest: 490a0046304402207dc75f29d5141641b991ea4059cc5ef2d73f8d6ff32f516cef4bda193554371302206f979fd45313c2babc7ae148c65366a830b035f98b6036750c949224fa2fcb2d:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities
This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/miscellaneous/credit-card-number-detect.yaml"
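The template's matchers are purely pattern-based, so any 13 to 19 digit run with the right prefix (an order ID, a tracking number) fires the regex. The example below, which is added here and is not part of the Nuclei template or the Nuclei project, reproduces the template's matcher logic in Python (the same regexes, the status check, the context words and the negative WAF-page words) and then applies a Luhn checksum to each hit so a triage script can separate numbers that are structurally valid card numbers from random digit strings. The sample response body and the card numbers in it are constructed for the example; the functions `find_card_numbers`, `template_would_fire` and `luhn_valid` are this example's own names.

```python
import re

# The eight regexes from the template's `regex` matcher, as Python raw strings
# (the YAML double-quoted "\\b" is the regex token \b).
CARD_PATTERNS = {
    "Visa": r"\b4[0-9]{12}(?:[0-9]{3})?\b",
    "American Express": r"\b3[47][0-9]{13}\b",
    "MasterCard": r"\b5[1-5][0-9]{14}\b|\b(222[1-9]|22[3-9]\d|2[3-6]\d{2}|27[0-1]\d|2720)[0-9]{12}\b",
    "Discover": r"\b65[4-9][0-9]{13}|64[4-9][0-9]{13}|6011[0-9]{12}|(622(?:12[6-9]|1[3-9][0-9]|[2-8][0-9][0-9]|9[01][0-9]|92[0-5])[0-9]{10})\b",
    "Maestro": r"\b(5018|5020|5038|6304|6759|6761|6763)[0-9]{8,15}\b",
    "UnionPay": r"\b62[0-9]{14,17}\b",
    "Diners Club": r"\b3(?:0[0-5]|[68][0-9])[0-9]{11}\b",
    "JCB": r"\b(?:2131|1800|35\d{3})\d{11}\b",
}

# Context words and negative (WAF block page) words from the template's
# `word` matchers. Nuclei word matchers are case-sensitive by default, so the
# checks below are case-sensitive too.
CONTEXT_WORDS = ("credit card", "card number", "expiry date", "cvv", "cardholder")
BLOCK_WORDS = ("<h1>Access Denied</h1>", "The requested URL was rejected")


def luhn_valid(digits: str) -> bool:
    """Return True when the digit string passes the Luhn mod-10 checksum.

    The template does not do this; it is added here to cut false positives."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(body: str) -> list[tuple[str, str, bool]]:
    """Run every template regex over the body, mirroring the extractor.

    Returns (brand, number, luhn_ok) triples, deduplicated, in the order the
    patterns are listed above and then in body order."""
    hits = []
    seen = set()
    for brand, pattern in CARD_PATTERNS.items():
        for m in re.finditer(pattern, body):
            number = m.group(0)
            if number in seen:
                continue
            seen.add(number)
            hits.append((brand, number, luhn_valid(number)))
    return hits


def template_would_fire(status: int, body: str) -> bool:
    """Evaluate the template's `matchers-condition: and` for one response."""
    regex_hit = bool(find_card_numbers(body))
    context_hit = any(w in body for w in CONTEXT_WORDS)
    blocked = any(w in body for w in BLOCK_WORDS)   # negative matcher
    return status == 200 and regex_hit and context_hit and not blocked


# Constructed sample body. 4111111111111111 and 378282246310005 are the
# widely published Visa/Amex test numbers (Luhn-valid); 4000000000000001 is a
# constructed 16-digit string that matches the Visa regex but fails Luhn.
SAMPLE_BODY = """<html><body>
<h2>Order receipt</h2>
<p>Your card number 4111111111111111 with expiry date 12/29 is on file for cardholder J. Doe.</p>
<p>Backup card on file: 378282246310005</p>
<p>Internal tracking id: 4000000000000001</p>
</body></html>"""


if __name__ == "__main__":
    print("template fires:", template_would_fire(200, SAMPLE_BODY))
    for brand, number, ok in find_card_numbers(SAMPLE_BODY):
        print(f"{brand:17s} {number:19s} luhn={'ok' if ok else 'FAIL'}")
```

Against the sample body the template logic fires, and all three digit strings are reported by the Visa and American Express regexes; only the two real test numbers survive the Luhn filter, while the tracking id is flagged as a likely false positive. Note that the Discover pattern's middle alternatives (`64[4-9][0-9]{13}` and `6011[0-9]{12}`) carry no `\b` of their own, so they can match inside a longer digit run; the checksum step is the cheapest way to catch that class of hit before anyone opens a PCI DSS finding.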