nuclei-templates/exposed-tokens/google/fcm-server-key.yaml

20 lines
355 B
YAML
Raw Normal View History

id: fcm-server-key
info:
name: FCM Server Key
author: Abss (@absshax)
severity: high
2020-10-02 16:09:53 +00:00
# Reference:- https://abss.me/posts/fcm-takeover
2020-10-02 16:12:29 +00:00
# FCM Project Credentials
2020-10-02 16:09:53 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
2020-10-02 16:12:29 +00:00
- "AAAA[a-zA-Z0-9_-]{7}:[a-zA-Z0-9_-]{140}"