From a1fc27ca75b02912f1616b54351b5a2c4deb24d7 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Mon, 3 May 2021 18:14:44 +0530
Subject: [PATCH 1/4] Create gloo-unauth.yaml
---
vulnerabilities/other/gloo-unauth.yaml | 32 ++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
create mode 100644 vulnerabilities/other/gloo-unauth.yaml
diff --git a/vulnerabilities/other/gloo-unauth.yaml b/vulnerabilities/other/gloo-unauth.yaml
new file mode 100644
index 0000000000..ad187ce600
--- /dev/null
+++ b/vulnerabilities/other/gloo-unauth.yaml
@@ -0,0 +1,32 @@
+id: gloo-unauth
+
+info:
+ name: Gloo UI Unauthentication
+ author: dhiyaneshDk
+ severity: high
+ tags: auth,gloo
+ reference: https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/fed.rpc.solo.io.GlooInstanceApi/ListClusterDetails'
+ headers:
+ User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55"
+ Content-type: "application/grpc-web+proto"
+ Referer: "{{BaseURL}}/admin/"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "gke-remote"
+ part: body
+
+ - type: word
+ words:
+ - "application/grpc-web+proto"
+ part: header
+
+ - type: status
+ status:
+ - 200
From 585b6515920ce765d212ac0a825754069d3a14f6 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Mon, 3 May 2021 18:23:30 +0530
Subject: [PATCH 2/4] Update gloo-unauth.yaml
---
vulnerabilities/other/gloo-unauth.yaml | 1 -
1 file changed, 1 deletion(-)
diff --git a/vulnerabilities/other/gloo-unauth.yaml b/vulnerabilities/other/gloo-unauth.yaml
index ad187ce600..5951bf20e5 100644
--- a/vulnerabilities/other/gloo-unauth.yaml
+++ b/vulnerabilities/other/gloo-unauth.yaml
@@ -5,7 +5,6 @@ info: author: dhiyaneshDk severity: high tags: auth,gloo - reference: https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/ requests: - method: GET
From aacce3ecedac28c90873edb046b61a4714261083 Mon Sep 17 00:00:00 2001
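Review bot: In the new vulnerabilities/other/gloo-unauth.yaml (PATCH 1/4), the body matcher keys on the literal `"gke-remote"`, which reads like a cluster name from one particular deployment rather than something every ListClusterDetails response contains, so an exposed Gloo UI whose clusters are named differently would likely go unreported. The other two matchers probably add little discrimination: gRPC-web servers commonly answer HTTP 200 with the `application/grpc-web+proto` content type even for rejected calls and report the outcome in `grpc-status`, so the whole verdict rests on that one word. I would match on a marker that is constant across deployments and add a `description:` under `info:` stating what a hit means and that the remedy is to put the UI behind authentication.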
From: Dhiyaneshwaran
Date: Mon, 3 May 2021 18:24:14 +0530
Subject: [PATCH 3/4] Create gogs-install-exposure.yaml
---
exposures/files/gogs-install-exposure.yaml | 25 ++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 exposures/files/gogs-install-exposure.yaml
diff --git a/exposures/files/gogs-install-exposure.yaml b/exposures/files/gogs-install-exposure.yaml
new file mode 100644
index 0000000000..e2c9d787e6
--- /dev/null
+++ b/exposures/files/gogs-install-exposure.yaml
@@ -0,0 +1,25 @@
+id: gogs-install-exposure
+
+info:
+ name: Gogs install exposure
+ author: dhiyaneshDk
+ severity: high
+ tags: gogs,exposure
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/install'
+ headers:
+ User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "General Settings"
+ - "Database Settings"
+ part: body
+
+ - type: status
+ status:
+ - 200
From ae13e5e44e3b493dd6bbd750b5224cee1bcab9c2 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Wed, 5 May 2021 17:53:34 +0530
Subject: [PATCH 4/4] minor updates
---
exposures/files/gogs-install-exposure.yaml | 4 ++--
vulnerabilities/other/gloo-unauth.yaml | 5 +++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/exposures/files/gogs-install-exposure.yaml b/exposures/files/gogs-install-exposure.yaml
index e2c9d787e6..a7369b2cb4 100644
--- a/exposures/files/gogs-install-exposure.yaml
+++ b/exposures/files/gogs-install-exposure.yaml
@@ -10,8 +10,7 @@ requests: - method: GET path: - '{{BaseURL}}/install' - headers: - User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55" + matchers-condition: and matchers: - type: word
@@ -19,6 +18,7 @@ requests: - "General Settings" - "Database Settings" part: body + condition: and - type: status status:
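Review bot: In the new exposures/files/gogs-install-exposure.yaml (PATCH 3/4), the matched words `"General Settings"` and `"Database Settings"` are generic installer headings, so forges derived from Gogs, and possibly unrelated setup pages served at /install, could produce the same hit without the product being Gogs. Adding a product-specific word to the list (for example the page title, if it names Gogs) would make a `severity: high` finding easier to trust. The `info:` block also has no `description:`; a line such as `description: The Gogs installation page is reachable, meaning setup was never completed or locked.` would tell triagers why the result matters and what to fix.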
diff --git a/vulnerabilities/other/gloo-unauth.yaml b/vulnerabilities/other/gloo-unauth.yaml
index 5951bf20e5..4a27ed3b2d 100644
--- a/vulnerabilities/other/gloo-unauth.yaml
+++ b/vulnerabilities/other/gloo-unauth.yaml
@@ -1,10 +1,10 @@ id: gloo-unauth info: - name: Gloo UI Unauthentication + name: Unauthenticated Gloo UI author: dhiyaneshDk severity: high - tags: auth,gloo + tags: unauth,gloo requests: - method: GET
@@ -14,6 +14,7 @@ requests: User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55" Content-type: "application/grpc-web+proto" Referer: "{{BaseURL}}/admin/" + matchers-condition: and matchers: - type: word