From a2ffd5579bce7c3a4cd0eaa238b178c65f78c1e8 Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Sat, 30 Jan 2021 00:54:16 +0000
Subject: [PATCH 1/3] Create alibaba-canal-info-leak.yaml

---
 exposed-panels/alibaba-canal-info-leak.yaml | 33 +++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 exposed-panels/alibaba-canal-info-leak.yaml

diff --git a/exposed-panels/alibaba-canal-info-leak.yaml b/exposed-panels/alibaba-canal-info-leak.yaml
new file mode 100644
index 0000000000..c4c4d7ed15
--- /dev/null
+++ b/exposed-panels/alibaba-canal-info-leak.yaml
@@ -0,0 +1,33 @@
+id: Alibaba-Canal-Info-Leak
+
+info:
+  name: Alibaba Canal Info Leak
+  author: pikpikcu
+  severity: info
+
+  # https://github.com/alibaba/canal/issues/632
+  # https://netty.io/wiki/reference-counted-objects.html
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/v1/canal/config/1/1"
+    headers:
+      Content-Type: application/json
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "application/json"
+        condition: and
+        part: header
+      - type: word
+        words:
+          - "ncanal.aliyun.accessKey"
+          - "ncanal.aliyun.secretKey"
+        condition: and
+        part: body

From 1c456c03d6fe1293c09f6db555e6df0b7924060a Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Sat, 30 Jan 2021 00:58:14 +0000
Subject: [PATCH 2/3] Update alibaba-canal-info-leak.yaml

---
 exposed-panels/alibaba-canal-info-leak.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/exposed-panels/alibaba-canal-info-leak.yaml b/exposed-panels/alibaba-canal-info-leak.yaml
index c4c4d7ed15..f9de2da35d 100644
--- a/exposed-panels/alibaba-canal-info-leak.yaml
+++ b/exposed-panels/alibaba-canal-info-leak.yaml
@@ -7,6 +7,7 @@ info:
 
   # https://github.com/alibaba/canal/issues/632
   # https://netty.io/wiki/reference-counted-objects.html
+  # https://my.oschina.net/u/4581879/blog/4753320
 
 requests:
   - method: GET

From d469835cc5e7ff3a85f9ac0dbf6289cef93afb06 Mon Sep 17 00:00:00 2001
From: PD-Team <8293321+bauthard@users.noreply.github.com>
Date: Sat, 30 Jan 2021 11:02:29 +0530
Subject: [PATCH 3/3] misc changes

---
 .../configs}/alibaba-canal-info-leak.yaml                       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename {exposed-panels => exposures/configs}/alibaba-canal-info-leak.yaml (96%)

diff --git a/exposed-panels/alibaba-canal-info-leak.yaml b/exposures/configs/alibaba-canal-info-leak.yaml
similarity index 96%
rename from exposed-panels/alibaba-canal-info-leak.yaml
rename to exposures/configs/alibaba-canal-info-leak.yaml
index f9de2da35d..4aa9c23848 100644
--- a/exposed-panels/alibaba-canal-info-leak.yaml
+++ b/exposures/configs/alibaba-canal-info-leak.yaml
@@ -1,4 +1,4 @@
-id: Alibaba-Canal-Info-Leak
+id: alibaba-canal-info-leak
 
 info:
   name: Alibaba Canal Info Leak