Update php-debugbar-exposure.yaml (#10968)

* Update php-debugbar-exposure.yaml Obliterating false negatives. * chore: remove trailing spaces Signed-off-by: Dwi Siswanto <git@dw1.io> * fix-template * simplified matchers --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Dhiyaneshwaran <leedhiyanesh@gmail.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
projectdiscovery · Dec 30, 2024 · c210365 · c210365
1 parent 7d1ec9d
commit c210365
Showing 1 changed file with 8 additions and 9 deletions.
diff --git a/http/misconfiguration/php-debugbar-exposure.yaml b/http/misconfiguration/php-debugbar-exposure.yaml
@@ -2,10 +2,10 @@ id: php-debugbar-exposure
 
 info:
   name: Php Debug Bar - Exposure
-  author: ritikchaddha,pdteam,dhiyaneshDk
+  author: ritikchaddha,pdteam,DhiyaneshDk,geeknik
   severity: high
   description: |
-    The DebugBar integrates easily in any projects and can display profiling data from any part of your application. It comes built-in with data collectors for standard PHP features and popular projects.
+    The DebugBar integrates easily into projects and can display profiling data from any part of your application.This template detects exposed PHP Debug Bars by looking for known response bodies and the `phpdebugbar-id` in headers.
   reference:
     - https://hackerone.com/reports/1883806
     - http://phpdebugbar.com/
@@ -14,20 +14,19 @@ info:
     verified: true
     max-request: 2
     shodan-query: html:"phpdebugbar"
-  tags: hackerone,misconfig,php,phpdebug,exposure
+  tags: misconfig,php,phpdebug,exposure,debug
 
 http:
   - method: GET
     path:
       - "{{BaseURL}}"
       - "{{BaseURL}}/_debugbar/open"
 
-    host-redirects: true
-    max-redirects: 2
+    stop-at-first-match: true
     matchers:
       - type: dsl
         dsl:
-          - 'contains(body_1, "phpdebugbar") && contains(body, "widget")'
-          - 'contains_all(body_2, "\"utime\"","\"datetime\"","{\"id") && contains(content_type_2, "application/json")'
-        condition: or
-# digest: 4a0a004730450221008385070408864bc4f89c67be56c1e85cfede9dc779054df19a1342c2cc0d36a6022052d35aec22f6d087a7bb570fd0f0e28e75652dc9efbbd0d37942721917f0eb4e:922c64590222798bb761d5b6d8e72950
+          - 'contains_all(body, "phpdebugbar", "widget") && status_code == 200'
+          - 'contains(header, "phpdebugbar-id")'
+          - 'contains_all(body, "\"utime\"","\"datetime\"","{\"id") && contains(content_type, "application/json")'
+        condition: or