nuclei-templates/http/misconfiguration/jupyter-notebooks-exposed.yaml

39 lines
1.1 KiB
YAML
Raw Normal View History

id: jupyter-notebooks-exposed
info:
name: Jupyter notebooks exposed to reading and writing
author: johnk3r
2023-05-05 13:34:02 +00:00
severity: high
2024-01-03 06:08:41 +00:00
description: Jupyter notebooks are exposed.
reference:
- https://blog.aquasec.com/python-ransomware-jupyter-notebook
2024-09-10 09:08:16 +00:00
classification:
cpe: cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*
metadata:
max-request: 1
2024-09-10 08:22:50 +00:00
vendor: jupyter
2024-09-10 09:08:16 +00:00
product: notebook
shodan-query: title:"Home Page - Select or create a notebook"
tags: jupyter,misconfig
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 1
2023-10-14 11:27:55 +00:00
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- '<title>Home Page - Select or create a notebook</title>'
- '<div> There are no notebooks running. </div>'
condition: or
2024-09-12 05:14:01 +00:00
# digest: 4a0a00473045022100b0124b745239386fa1df10ede37200ad95d02a4a016b588f5163683a4689ae28022041918d48d658029cb0bc87aa4add38eb8958562b21c9c0495af41bd6a0885a5a:922c64590222798bb761d5b6d8e72950