21 lines
444 B
YAML
21 lines
444 B
YAML
|
id: detect-sentry
|
||
|
|
||
|
info:
|
||
|
name: Detect Sentry Instance
|
||
|
author: Sicksec
|
||
|
severity: info
|
||
|
tags: ssrf,sentry,tech
|
||
|
reference: |
|
||
|
- https://hackerone.com/reports/374737
|
||
|
- https://twitter.com/itsecurityguard/status/1127893545619218432?lang=en
|
||
|
|
||
|
requests:
|
||
|
- method: GET
|
||
|
path:
|
||
|
- "{{BaseURL}}"
|
||
|
|
||
|
extractors:
|
||
|
- type: regex
|
||
|
part: body
|
||
|
regex:
|
||
|
- "https://[0-9a-f]*@[a-z0-9]+\\.[a-z.]+.?[0-9]+"
|