rack-mini-profiler - Environment Information Disclosure

ID: rack-mini-profiler

Severity: high

Author: vzamanillo

Tags: config,debug,rails,misconfig

Description

rack-mini-profiler is prone to environmental information disclosure which could help an attacker formulate additional attacks.

YAML Source

id: rack-mini-profiler

info:
  name: rack-mini-profiler - Environment Information Disclosure
  author: vzamanillo
  severity: high
  description: rack-mini-profiler is prone to environmental information disclosure which could help an attacker formulate additional attacks.
  metadata:
    max-request: 1
  tags: config,debug,rails,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/?pp=env"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Rack Environment"

      - type: status
        status:
          - 200
# digest: 4a0a004730450220012e662260dfdb5501c915617bcf140a1931ae7d625928250d8124a7247b1e27022100a129485f68498f4559a7e4198d73f59a38aff838ecfa23bfdfa6be505084a752:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/misconfiguration/rack-mini-profiler.yaml"

View on Github