Prince Chaddha
GitHub
commit
72c36147c5
|
|
@ -2,10 +2,11 @@ id: salesforce-aura
|
|||
|
||||
info:
|
||||
name: Detect the exposure of Salesforce Lightning aura API
|
||||
author: aaron_costello (@ConspiracyProof)
|
||||
author: aaron_costello (@ConspiracyProof),Ph33rr
|
||||
severity: info
|
||||
reference:
|
||||
- https://www.enumerated.de/index/salesforce
|
||||
- https://github.com/Ph33rr/cirrusgo (test endpoint)
|
||||
tags: aura,unauth,salesforce,exposure
|
||||
|
||||
requests:
|
||||
|
|
@ -14,6 +15,8 @@ requests:
|
|||
- "{{BaseURL}}/aura"
|
||||
- "{{BaseURL}}/s/sfsites/aura"
|
||||
- "{{BaseURL}}/sfsites/aura"
|
||||
- "{{BaseURL}}/s/aura"
|
||||
- "{{BaseURL}}/s/fact"
|
||||
|
||||
body: "{}"
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue