From a2ffd5579bce7c3a4cd0eaa238b178c65f78c1e8 Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Sat, 30 Jan 2021 00:54:16 +0000
Subject: [PATCH] Create alibaba-canal-info-leak.yaml

---
 exposed-panels/alibaba-canal-info-leak.yaml | 33 +++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 exposed-panels/alibaba-canal-info-leak.yaml

diff --git a/exposed-panels/alibaba-canal-info-leak.yaml b/exposed-panels/alibaba-canal-info-leak.yaml
new file mode 100644
index 0000000000..c4c4d7ed15
--- /dev/null
+++ b/exposed-panels/alibaba-canal-info-leak.yaml
@@ -0,0 +1,33 @@
+id: Alibaba-Canal-Info-Leak
+
+info:
+  name: Alibaba Canal Info Leak
+  author: pikpikcu
+  severity: info
+
+  # https://github.com/alibaba/canal/issues/632
+  # https://netty.io/wiki/reference-counted-objects.html
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/api/v1/canal/config/1/1"
+    headers:
+      Content-Type: application/json
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "application/json"
+        condition: and
+        part: header
+      - type: word
+        words:
+          - "ncanal.aliyun.accessKey"
+          - "ncanal.aliyun.secretKey"
+        condition: and
+        part: body