🔨 Fix exposed-docker-api from false-positives

2020-07-11 02:59:05 +07:00 · 2020-07-11 02:59:05 +07:00 · 44b27d7939
parent a4f05086d0
commit 44b27d7939
1 changed files with 16 additions and 4 deletions
--- a/panels/docker-api.yaml
+++ b/panels/docker-api.yaml
@ -2,16 +2,28 @@ id: exposed-docker-api

 info:
  name: Exposed Docker API
-  author: furkansenan
+  author: furkansenan & dwisiswant0
  severity: informative

 requests:
  - method: GET
    path:
-      - '{{BaseURL}}:2376/version'
+      - "http://{{Hostname}}/version"
+      - "http://{{Hostname}}:2376/version"
+      - "http://{{Hostname}}/v1.24/version"
+      - "http://{{Hostname}}:2376/v1.24/version"
+    matchers-condition: and
    matchers:
      - type: word
        words:
-          - "Version"
-          - "Docker"
+          - "application/json"
+        part: header
+      - type: word
+        words:
+          - "KernelVersion"
+          - "BuildTime"
+        condition: and
        part: body
+      - type: status
+        status:
+          - 200