Merge pull request #1373 from DhiyaneshGeek/master

aem-bg-servlet , aem-login-status
2021-04-27 16:14:43 +05:30 · 2021-04-27 16:14:43 +05:30 · 6b62121a71
parent 9feb53dc1e 06c5cd45fa
commit 6b62121a71
2 changed files with 47 additions and 0 deletions
--- a/misconfiguration/aem/aem-bg-servlet.yaml
+++ b/misconfiguration/aem/aem-bg-servlet.yaml
@ -0,0 +1,23 @@
+id: aem-bg-servlet
+
+info:
+  author: DhiyaneshDk
+  name: AEM BG-Servlets
+  severity: info
+  reference: https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212
+  tags: aem
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/system/bgservlets/test.css'
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - '<br/>Flushing output<br/>'
--- a/misconfiguration/aem/aem-login-status.yaml
+++ b/misconfiguration/aem/aem-login-status.yaml
@ -0,0 +1,24 @@
+id: aem-login-status
+
+info:
+  author: DhiyaneshDk
+  name: AEM Login Status
+  severity: info
+  reference: https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212
+  tags: aem
+
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/system/sling/loginstatus.css'
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - 'CREDENTIAL_CHALLENGE'
+        condition: and