nuclei-templates/http/misconfiguration/gocd/gocd-encryption-key.yaml

45 lines
1.2 KiB
YAML
Raw Normal View History

2021-11-04 20:52:06 +00:00
id: gocd-encryption-key
info:
name: GoCd Encryption Key
author: dhiyaneshDk
severity: low
2024-01-03 06:08:41 +00:00
description: GoCd Encryption Key is exposed.
2021-11-04 20:52:06 +00:00
reference:
- https://attackerkb.com/assessments/9101a539-4c6e-4638-a2ec-12080b7e3b50
- https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
- https://twitter.com/wvuuuuuuuuuuuuu/status/1456316586831323140
2024-09-10 09:08:16 +00:00
classification:
cpe: cpe:2.3:a:thoughtworks:gocd:*:*:*:*:*:*:*:*
2021-11-04 20:52:06 +00:00
metadata:
max-request: 1
2024-09-10 08:22:50 +00:00
vendor: thoughtworks
2024-09-10 09:08:16 +00:00
product: gocd
shodan-query: http.title:"Create a pipeline - Go" html:"GoCD Version"
tags: go,gocd,exposure,misconfig
2021-11-04 21:26:16 +00:00
http:
2021-11-04 20:52:06 +00:00
- method: GET
path:
- "{{BaseURL}}/go/add-on/business-continuity/api/cipher.aes"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
regex:
2021-11-06 13:15:55 +00:00
- "([a-z0-9]){32}"
- type: word
part: header
words:
- "text/plain"
2021-11-04 20:52:06 +00:00
extractors:
- type: regex
regex:
2021-11-06 13:15:55 +00:00
- "([a-z0-9]){32}"
2024-09-12 05:14:01 +00:00
# digest: 4a0a00473045022100cb660f1fd76b1e1142b3fb8a0d071123a2a41bba4c674ef070c22ce4fc99a6d502205227541ddc1d4fa6a00d2f476a44d6f8cf0c593b5fffe121e8db50ee00af7788:922c64590222798bb761d5b6d8e72950