nuclei-templates/http/misconfiguration/gocd/gocd-encryption-key.yaml

42 lines
1.1 KiB
YAML
Raw Normal View History

2021-11-04 20:52:06 +00:00
id: gocd-encryption-key
info:
name: GoCd Encryption Key
author: dhiyaneshDk
severity: low
2024-01-03 06:08:41 +00:00
description: GoCd Encryption Key is exposed.
2021-11-04 20:52:06 +00:00
reference:
- https://attackerkb.com/assessments/9101a539-4c6e-4638-a2ec-12080b7e3b50
- https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
- https://twitter.com/wvuuuuuuuuuuuuu/status/1456316586831323140
metadata:
max-request: 1
2024-05-14 23:53:18 +00:00
shodan-query: http.title:"Create a pipeline - Go" html:"GoCD Version"
tags: go,gocd,exposure,misconfig
2021-11-04 21:26:16 +00:00
http:
2021-11-04 20:52:06 +00:00
- method: GET
path:
- "{{BaseURL}}/go/add-on/business-continuity/api/cipher.aes"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
regex:
2021-11-06 13:15:55 +00:00
- "([a-z0-9]){32}"
- type: word
part: header
words:
- "text/plain"
2021-11-04 20:52:06 +00:00
extractors:
- type: regex
regex:
2021-11-06 13:15:55 +00:00
- "([a-z0-9]){32}"
2024-05-14 23:53:18 +00:00
# digest: 490a0046304402205ac41f33e34d969b020ee864720a58cdc98c17066213906ca0a6703759bee6260220648ad5ffaa33adc1a318395cd2da424417fb64cf1ed962a0bb6da6cf73514c09:922c64590222798bb761d5b6d8e72950