nuclei-templates/http/misconfiguration/clockwork-dashboard-exposur...

35 lines
942 B
YAML
Raw Permalink Normal View History

id: clockwork-dashboard-exposure
info:
name: Clockwork Dashboard Exposure
author: dhiyaneshDk
severity: high
2024-01-03 06:08:41 +00:00
description: Clockwork Dashboard is exposed.
reference:
- https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/clockwork-dashboard-exposure.json
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: exposure,unauth,misconfig
http:
- method: GET
path:
- "{{BaseURL}}/__clockwork/latest"
matchers-condition: and
matchers:
- type: word
words:
2021-07-23 21:43:09 +00:00
- '"id":'
- '"version":'
- '"method":'
- '"url":'
- '"time":'
part: body
condition: and
- type: word
words:
- "application/json"
part: header
# digest: 4a0a0047304502203a5e00e511f8c5e07b3226138aa5a200987ff379478ed205d50cc4efb37057bc022100c6904e2c0c287210ef34d2f2f14df7808c8c2ad43a57105b548786b1c28c6d54:922c64590222798bb761d5b6d8e72950