From 9612e58d61d59a8858fde423598891c4998dc8d5 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Tue, 11 Oct 2022 02:04:00 +0530
Subject: [PATCH] Create npm-anonymous-cli.yaml

---
 exposures/files/npm-anonymous-cli.yaml | 33 ++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 exposures/files/npm-anonymous-cli.yaml

diff --git a/exposures/files/npm-anonymous-cli.yaml b/exposures/files/npm-anonymous-cli.yaml
new file mode 100644
index 0000000000..5367984073
--- /dev/null
+++ b/exposures/files/npm-anonymous-cli.yaml
@@ -0,0 +1,33 @@
+id: npm-anonymous-cli
+
+info:
+  name: NPM Anonymous CLI Metrics Exposure
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt
+  metadata:
+    verified: true
+    shodan-query: html:"anonymous-cli-metrics.json"
+  tags: exposure,file,npm,config
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/.npm/anonymous-cli-metrics.json'
+      - '{{BaseURL}}/anonymous-cli-metrics.json'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"metricId":'
+          - '"metrics":'
+          - '"successfulInstalls":'
+        condition: and
+
+      - type: status
+        status:
+          - 200