nuclei-templates/vulnerabilities/other/jfrog-unauth-build-exposed....

38 lines
1006 B
YAML
Raw Normal View History

2021-07-02 02:53:42 +00:00
id: jfrog-unauth-build-exposed
info:
name: JFrog Unauthentication Builds
author: dhiyaneshDK
severity: medium
2021-07-02 15:23:02 +00:00
referemce: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml
2021-07-02 02:53:42 +00:00
tags: jfrog
requests:
- raw:
- |
POST /ui/api/v1/global-search/builds?jfLoader=true HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4271.0 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json
2021-07-02 02:55:40 +00:00
2021-07-02 02:53:42 +00:00
{"name":"","before":"","after":"","direction":"desc","order_by":"date","num_of_rows":100}
2021-07-03 19:52:08 +00:00
2021-07-03 19:56:41 +00:00
matchers-condition: and
2021-07-02 02:53:42 +00:00
matchers:
- type: word
words:
- "last_build_number"
- "build_name"
condition: and
part: body
- type: word
words:
- application/json
part: header
- type: status
status:
- 200