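# Nuclei template: flags response bodies that appear to contain a SonarQube
# token. The nesting below is restored to the standard nuclei template layout;
# with every key at column 0 the info/http/extractors structure is lost.
id: sonarqube-token

info:
  name: SonarQube Token Disclosure
  author: Ice3man
  severity: info
  description: |
    Reports 40-character lowercase hexadecimal strings that appear shortly after the text "sonar" in the response body, which may be an exposed SonarQube token.
  remediation: |
    Confirm the value is a live SonarQube token, revoke it in SonarQube, and remove it from the served content.
  metadata:
    max-request: 1
  tags: exposure,token,sonarqube

http:
  # Only the base URL is requested, so tokens in linked scripts or other
  # paths are not covered by this template.
  - method: GET
    path:
      - "{{BaseURL}}"

    # No matchers are defined; a result is produced only when the extractor
    # returns a value.
    extractors:
      - type: regex
        part: body
        regex:
          # "sonar", up to 50 arbitrary characters, then 40 lowercase hex
          # characters optionally wrapped in ", ' or `. Any 40-hex value in
          # that window matches (a SHA-1 commit hash, for example), so treat a
          # hit as a lead to verify rather than a confirmed token.
          - "sonar.{0,50}(?:\"|'|`)?[0-9a-f]{40}(?:\"|'|`)?"
# NOTE(review): the digest was generated for the template as originally
# signed. Any change to the content above, comments included, invalidates it;
# re-sign the template before relying on signature verification.
# digest: 4a0a0047304502204b7b6bb1ff958d322155673133a99b081ed1c61bd8afb5e1d0f249849b9badc6022100efbd2cb1fd9179a7c9a30daac8033d293490f30b28af36dadb2107ddd9d6e604:922c64590222798bb761d5b6d8e72950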