2022-05-27 04:35:41 +00:00
|
|
|
id: api-google-drive
|
2022-05-26 12:35:59 +00:00
|
|
|
|
|
|
|
info:
|
|
|
|
name: Google Drive API Test
|
|
|
|
author: geeknik
|
|
|
|
severity: info
|
|
|
|
reference:
|
|
|
|
- https://developers.google.com/drive/api/guides/about-sdk
|
2023-04-28 08:11:21 +00:00
|
|
|
metadata:
|
|
|
|
max-request: 1
|
2023-10-14 11:27:55 +00:00
|
|
|
tags: token-spray,google,drive,intrusive
|
2022-05-26 12:35:59 +00:00
|
|
|
|
|
|
|
self-contained: true
|
2023-10-14 11:27:55 +00:00
|
|
|
|
2023-04-27 04:28:59 +00:00
|
|
|
http:
|
2022-05-26 12:35:59 +00:00
|
|
|
- raw:
|
|
|
|
- |
|
|
|
|
GET https://www.googleapis.com/drive/v3/files/{{randstr}}.txt/%3fkey={{token}}&supportsAllDrives=true HTTP/1.1
|
2022-06-01 19:04:52 +00:00
|
|
|
Referer: {{referer}}
|
2022-05-26 12:35:59 +00:00
|
|
|
Content-Type:application/json
|
|
|
|
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: body
|
|
|
|
words:
|
|
|
|
- 'File not found: {{randstr}}.txt.'
|