internal-ip-disclosure.yaml matches any IP address, not only internal ones #9406
Assignees
Labels
false-positive
Nuclei template reporting invalid/unexpected result
Comments
Open-Sec
added
the
false-positive
|
Template http/misconfiguration/iis-internal-ip-disclosure.yaml has same issue |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Nuclei Version:
Nuclei Engine Version: v3.2.2
Template file:
http/misconfiguration/internal-ip-disclosure.yaml
Command to reproduce:
nuclei -u http://public_IP -t ./http/misconfiguration/internal-ip-disclosure.yaml
Anything else:
Regular expression used to match internal IP addresses matches any IP address, so if the redirect (by Location means) points to another IP public address, it will match.
Suggested regex :
^(10(.(25[0-5]|2[0-4][0-9]|1[0-9]{1,2}|[0-9]{1,2})){3}|((172.(1[6-9]|2[0-9]|3[01]))|192.168)(.(25[0-5]|2[0-4][0-9]|1[0-9]{1,2}|[0-9]{1,2})){2})$
(regex taken from https://stackoverflow.com/a/44333761)
The text was updated successfully, but these errors were encountered: