qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/DS_Store-found.json

69 lines
2.1 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "DS_Store found",
"Description": "A .DS_Store, short for Desktop Services Store, is an invisible file on the macOS operating system that gets automatically created anytime you look into a folder with Finder. This file will then follow the folder everywhere it goes, including when archived, like in ZIP.",
"Product": "DS_Store",
"Homepage": "https://www.apple.com/",
"DisclosureDate": "2017-01-01",
"Author": "gobysec@gmail.com",
"FofaQuery": "url_only_dir!=\"\"",
"GobyQuery": "url_only_dir!=\"\"",
"Level": "3",
"Impact": "This file stores custom attributes/metadata of its containing folder and the names of other files around it. Exposing this information could potentially allow hackers to act maliciously and let them see private files.",
"Recommendation": "The easiest way to prevent this problem from happening is to completely turn off the automatic creation of these files. For developers, you can use Git to solve this problem by .gitignore file. ",
"References": [
"https://buildthis.com/ds_store-files-and-why-you-should-know-about-them/",
"https://github.com/lijiejie/ds_store_exp"
],
"HasExp": false,
"ExpParams": null,
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/.DS_Store",
"follow_redirect": false,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "start_with",
"value": "0000000142756431",
"value_type": "hexstring",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": null,
"Tags": ["infoleak", "webvulscan"],
"CVEIDs": null,
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
},
"Disable": false
}
Reference in New Issue View Git Blame Copy Permalink