daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9989 from L4stPL4Y3R/sns 

Added SNS Topic Subscription access publicly Template
patch-4
Prince Chaddha 2024-06-11 23:02:34 +04:00 committed by GitHub
parent 5ff86d8411 356ce0df99
commit c083f24492
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 69 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
cloud/aws/sns/sns-public-subscribe-access.yaml Normal file
View File

@ -0,0 +1,68 @@
id: sns-public-subscribe-access
info:
name: Public Subscription Access of SNS Topics via Policy
author: Ritesh_Gohil(#L4stPL4Y3R)
severity: high
description: |
This template checks if Amazon SNS topics are configured to allow public subscription access via topic policies.
reference:
- https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html
tags: cloud,devops,aws,amazon,sns,aws-cloud-config
flow: |
code(1)
for (let topicArn of iterate(template.topics)) {
set("topicArn", topicArn)
code(2)
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
aws sns list-topics --query 'Topics[*].TopicArn'
extractors:
- type: json
internal: true
name: topics
json:
- '.[]'
- engine:
- sh
- bash
source: |
aws sns get-topic-attributes --topic-arn $topicArn --query Attributes.Policy --output text
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"Effect":"Allow"'
- type: word
part: body
words:
- '"Principal":{"AWS":"*"}'
- type: word
part: body
words:
- '"Action":"SNS:Subscribe"'
- type: regex
part: body
negative: true
regex:
- '"Condition"'
extractors:
- type: dsl
dsl:
- '"The SNS topic " + topicArn + " allows public subscription via Policy"'
# digest: 4a0a004730450221008a967d8e5c9942beefab71caa02bdc0fd01121f2c88254d8a37296a941f8e02c02200d45a3425f5011f61061b5004635f3ad9407bcd88ae47fcda6afc63e883b432d:366f2a24c8eb519f6968bd8801c08ebe

1
cloud/aws/sns/sns-topic-public-accessible.yaml
View File

@ -62,4 +62,5 @@ code:
- type: dsl - type: dsl
dsl: dsl:
- '"The SNS topic " + topicArn + " is publicly accessible via Policy"' - '"The SNS topic " + topicArn + " is publicly accessible via Policy"'
# digest: 4b0a00483046022100cbb02679b206daa0a1138c3c7d400ca3ccf3aea22840064633a6ac54fbe6a44d022100f23545b9fc5cdb35c1c853d68c2cb35904bd22385117daa75cf0923441d212d4:922c64590222798bb761d5b6d8e72950 # digest: 4b0a00483046022100cbb02679b206daa0a1138c3c7d400ca3ccf3aea22840064633a6ac54fbe6a44d022100f23545b9fc5cdb35c1c853d68c2cb35904bd22385117daa75cf0923441d212d4:922c64590222798bb761d5b6d8e72950