From 73464aa1383d523ffc8ce32b3e9d1d26c71fa2ef Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Mon, 7 Oct 2024 11:55:46 +0400
Subject: [PATCH] Create netdisco-unauth.yaml

---
 .../netdisco/netdisco-unauth.yaml             | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 http/misconfiguration/netdisco/netdisco-unauth.yaml

diff --git a/http/misconfiguration/netdisco/netdisco-unauth.yaml b/http/misconfiguration/netdisco/netdisco-unauth.yaml
new file mode 100644
index 0000000000..e9e9c02722
--- /dev/null
+++ b/http/misconfiguration/netdisco/netdisco-unauth.yaml
@@ -0,0 +1,30 @@
+id: netdisco-unauth
+
+info:
+  name: Netdisco - Unauth Access
+  author: ritikchaddha
+  severity: critical
+  description: |
+    Detects an unauth dashboard access of Netdisco.
+  impact: |
+    Attackers can potentially exploit this vulnerability to gain unauthorized access to sensitive information.
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: title:"Netdisco"
+    fofa-query: title="Netdisco"
+  tags: netdisco,misconfig,unauth
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/inventory"
+
+    host-redirects: true
+    max-redirects: 2
+    matchers:
+      - type: dsl
+        dsl:
+          - contains_all(body, "User Management", "/admin/discoverall", "Logged in as")
+          - status_code == 200
+        condition: and