2021-03-09 21:10:42 +00:00
|
|
|
id: circleci-config
|
|
|
|
|
|
|
|
info:
|
|
|
|
name: circleci config.yml exposure
|
|
|
|
author: geeknik
|
2021-03-09 21:15:59 +00:00
|
|
|
severity: low
|
2021-03-09 21:10:42 +00:00
|
|
|
reference: https://circleci.com/docs/2.0/sample-config/
|
2021-04-06 06:46:11 +00:00
|
|
|
tags: config,exposure
|
2021-03-09 21:10:42 +00:00
|
|
|
|
|
|
|
requests:
|
|
|
|
- method: GET
|
|
|
|
redirects: true
|
|
|
|
max-redirects: 3
|
|
|
|
path:
|
|
|
|
- "{{BaseURL}}/.circleci/config.yml"
|
|
|
|
|
|
|
|
matchers-condition: and
|
|
|
|
matchers:
|
|
|
|
- type: dsl
|
|
|
|
dsl:
|
2021-03-24 23:28:50 +00:00
|
|
|
- 'regex("^version: ", body) && contains(body, "jobs:")'
|
2021-03-09 21:10:42 +00:00
|
|
|
|
|
|
|
- type: status
|
|
|
|
status:
|
|
|
|
- 200
|