From 36bef6bce58b8fa921f66b866cd8a0aa6c3d2da1 Mon Sep 17 00:00:00 2001 From: Pugalarasan <75373225+0xPugazh@users.noreply.github.com> Date: Thu, 22 Jun 2023 20:54:00 +0530 Subject: [PATCH 1/3] Create collibra-properties.yaml --- .../configs/collibra-properties.yaml | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 http/exposures/configs/collibra-properties.yaml diff --git a/http/exposures/configs/collibra-properties.yaml b/http/exposures/configs/collibra-properties.yaml new file mode 100644 index 0000000000..e82842f603 --- /dev/null +++ b/http/exposures/configs/collibra-properties.yaml @@ -0,0 +1,49 @@ +id: collibra-properties + +info: + name: Collibra Properties Exposure + author: 0xPugazh + severity: high + reference: + - https://twitter.com/shaybt12/status/1662431219223605254 + metadata: + verified: true + max-request: 3 + tags: exposure,config,properties + + +http: + - method: GET + path: + - "{{BaseURL}}/collibra.properties" + - "{{BaseURL}}/app/collibra.properties" + - "{{BaseURL}}/src/collibra.properties" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - 'collibra.url' + - 'collibra.port' + - 'collibra.user' + - 'collibra.password' + condition: or + + - type: word + part: header + words: + - "text/plain" + - "bytes" + condition: or + + - type: word + part: header + words: + - "text/html" + negative: true + + - type: status + status: + - 200 From 9d178aa9186c9d01cd89d0425c9220c683522711 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Jun 2023 21:00:04 +0530 Subject: [PATCH 2/3] trail space fix --- http/exposures/configs/collibra-properties.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/http/exposures/configs/collibra-properties.yaml b/http/exposures/configs/collibra-properties.yaml index e82842f603..1ba06f2f6e 100644 --- a/http/exposures/configs/collibra-properties.yaml +++ b/http/exposures/configs/collibra-properties.yaml @@ -22,22 +22,22 @@ http: stop-at-first-match: true matchers-condition: and matchers: - - type: regex + - type: word part: body - regex: + words: - 'collibra.url' - 'collibra.port' - 'collibra.user' - 'collibra.password' condition: or - + - type: word part: header words: - "text/plain" - "bytes" condition: or - + - type: word part: header words: From 40c36258c88ccca0a00efa314f48f238f6629001 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 4 Jul 2023 22:58:59 +0530 Subject: [PATCH 3/3] minor -changes --- http/exposures/configs/collibra-properties.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/http/exposures/configs/collibra-properties.yaml b/http/exposures/configs/collibra-properties.yaml index 1ba06f2f6e..a2e87b39db 100644 --- a/http/exposures/configs/collibra-properties.yaml +++ b/http/exposures/configs/collibra-properties.yaml @@ -7,9 +7,9 @@ info: reference: - https://twitter.com/shaybt12/status/1662431219223605254 metadata: - verified: true max-request: 3 - tags: exposure,config,properties + verified: true + tags: exposure,config,collibra-properties,collibra http: