stackTrace.bcheck
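metadata:
    language: v1-beta
    name: "Stack trace was detected"
    description: "Detect when a response contains a stack trace."
    author: "Dominique Righetto"
    tags: "passive","informative"

define:
    common_detail = "The response contains a stack trace that discloses information about the server-side technology used: "
    common_remediation = "Add an error handler to ensure any errors that may occur are caught, then return a generic message."

given response then
    # Source: https://github.com/righettod/burp-piper-custom-scripts/blob/main/detect-response-with-errors-disclosure.py
    #
    # Each block below tests the body of the latest response against one technology-specific
    # pattern and, on a match, reports an informational issue naming that technology.
    # The blocks are independent if statements, so one response can raise several issues.
    # common_detail already ends with ": ", so the technology name is appended directly
    # (the previous extra space produced a double space in the issue detail).

    # Java: a dotted name that starts with "java." and has two further segments.
    # NOTE(review): the pattern is not tied to a stack-trace frame; the same kind of name in
    # ordinary page content (documentation, code samples) also matches, so confirm a hit manually.
    if {latest.response.body} matches "(java\.[\w]+\.[\w]+)" then
        report issue:
            severity: info
            confidence: firm
            detail: `{common_detail}Java.`
            remediation: `{common_remediation}`
    end if

    # .Net: a word ending in "Exception:" followed by whitespace and message characters.
    # NOTE(review): nothing in the pattern is specific to .NET; an "...Exception: message" line
    # from another runtime (a Java trace, for instance) matches as well, so such a response is
    # reported under both labels. Check the response before trusting the technology named here.
    if {latest.response.body} matches "(\w+Exception:\s['\"\w\d\s]+)" then
        report issue:
            severity: info
            confidence: firm
            detail: `{common_detail}.NET.`
            remediation: `{common_remediation}`
    end if

    # NodeJS: the literal frame text "at tryModuleLoad " followed by whitespace.
    # NOTE(review): detection depends on that single frame name being present in the trace;
    # traces that do not contain it are not reported by this block.
    if {latest.response.body} matches "(at\stryModuleLoad\s)" then
        report issue:
            severity: info
            confidence: firm
            detail: `{common_detail}NodeJS.`
            remediation: `{common_remediation}`
    end if

    # PHP: ".php on line <digits>", the file-and-line suffix of an error message.
    if {latest.response.body} matches "(\.php\son\sline\s\d+)" then
        report issue:
            severity: info
            confidence: firm
            detail: `{common_detail}PHP.`
            remediation: `{common_remediation}`
    end if

    # RUBY: ".rb:<digits>:in", the file:line:in prefix of a backtrace line.
    if {latest.response.body} matches "(\.rb:\d+:in)" then
        report issue:
            severity: info
            confidence: firm
            detail: `{common_detail}Ruby.`
            remediation: `{common_remediation}`
    end if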