id: laravel-telescope

info:
  name: Laravel Telescope Disclosure
  author: geeknik
  severity: medium
  description: Telescope provides insight into the requests coming into your application, exceptions, log entries, database queries, queued jobs, mail, notifications, cache operations, scheduled tasks, variable dumps, and more.
  reference:
    - https://laravel.com/docs/8.x/telescope
  metadata:
    max-request: 1
  tags: laravel,disclosure,logs,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/telescope/requests"

    host-redirects: true
    matchers:
      - type: word
        words:
          - "<title>Telescope</title>"
          - "Requests"
          - "Commands"
          - "Schedule"
        condition: and
# digest: 4a0a00473045022100fdad26639d92864ada46432b8fb15e3449b6143855d6bdef843145a4d4ed0df40220436b05615cb9056b70077e1722af5e0a9ccae163ceaf26b14c00c07dbbf3ad3f:922c64590222798bb761d5b6d8e72950