commit
6d13aae69e
@ -2,7 +2,7 @@ id: https-to-http-redirect
info:
name: HTTPS to HTTP redirect Misconfiguration
author: kazet
author: kazet,idealphase
severity: info
description: |
Detects whether there is a redirect from https:// to http://
@ -16,11 +16,19 @@ http:
path:
- "{{BaseURL}}"
matchers-condition: or
matchers:
- type: dsl
dsl:
- 'startswith(tolower(location), "http://")'
- 'startswith(tostring(BaseURL), "https://")'
- '(status_code == 301 || status_code == 302 || status_code == 307)'
- '(status_code == 300 || status_code == 301 || status_code == 302 || status_code == 303 || status_code == 307 || status_code == 308)'
condition: and
# digest: 4a0a0047304502206212deffff885bc2abd110b7921124764815e61844a28cf278f271f6d9753151022100861fee57cff6e033d3b77a48aa8a88595f5d7ea267d502b1aadf739e417f6608:922c64590222798bb761d5b6d8e72950
- type: dsl
dsl:
- 'startswith(tostring(BaseURL), "https://")'
- 'status_code == 200'
- 'contains(tolower(body), "<meta http-equiv=\"refresh\" content=\"0; url=http://")'
condition: and
# digest: 4b0a0048304602210095c09fe6d8f15bcb97731bcc870184de2350c35ab0db26b19fc3bbced9862e7b022100fbe5cddc9cf4e2d70fc2e700dbe0c90a05e20536b932ac17e44bb0b83d7edf8c:32bd8904a85baa2268cd2e24368f3b1a
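Review bot: The new meta-refresh matcher pins one exact spelling of the tag in its `contains(tolower(body), "<meta http-equiv=\"refresh\" content=\"0; url=http://")` line — double quotes, a zero delay, exactly one space after the semicolon and a literal `url=` — so a refresh written as `content='0;url=http://…'`, `content="0;URL=http://…"` or with a non-zero delay goes undetected even though it is the same HTTPS-to-HTTP downgrade. The DSL `regex()` function tolerates those variants in one line and makes the `tolower` unnecessary: `- 'regex("(?i)<meta[^>]*http-equiv=.refresh.[^>]*url=http://", body)'`. The same matcher also only fires on `status_code == 200`, so a refresh tag served on any other 2xx page is missed; dropping that line (keeping the `BaseURL` check) would be safer, as the regex already constrains the body. The request definition above `path:` — including whether redirects are followed, which the header matcher depends on — lies outside the hunk.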
@ -3731,8 +3731,13 @@ http:
dsl:
- "status_code==200 && (\"-1599943282\" == mmh3(base64_py(body)))"
- type: dsl
name: "Veeam Service Provider Console"
dsl:
- "status_code==200 && (\"-1728967963\" == mmh3(base64_py(body)))"
extractors:
- type: dsl
dsl:
- 'mmh3(base64_py(body))'
# digest: 4a0a00473045022100d5db6ca1e3fae692c3d73e04bb2b8f32fbb0ce71e9dbe0e5e2568124a785b0b902202a8410c129ccda07db2f0cff823f28efc91b909fe40a147716b71e8f016a177e:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100d5db6ca1e3fae692c3d73e04bb2b8f32fbb0ce71e9dbe0e5e2568124a785b0b902202a8410c129ccda07db2f0cff823f28efc91b909fe40a147716b71e8f016a177e:922c64590222798bb761d5b6d8e72950
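Review bot: The two `# digest:` lines at the end of this hunk are byte-identical, whereas in the first file the signature changed along with the body; if the rendering is showing an old and a new line here, the template was not re-signed after the Veeam Service Provider Console matcher was added, and a stale signature will fail nuclei's template signature verification (or be treated as an unsigned template), so the digest should be regenerated against the final content. The added matcher itself follows the file's existing shape (`status_code==200 && ("<hash>" == mmh3(base64_py(body)))`) and keeps the hash quoted as a string, which is correct for YAML. The enclosing `matchers:` list begins well before this hunk, so the header-side correctness of the list (including `matchers-condition`) cannot be checked from here.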