Update and rename redpanda-console-detection.yaml to http/misconfiguration/redpanda-console.yaml

2024-10-21 05:36:09 +05:30 · 2024-10-21 05:36:09 +05:30 · e14fbf363e
parent d83860ad46
commit e14fbf363e
2 changed files with 33 additions and 37 deletions
--- a/http/misconfiguration/redpanda-console.yaml
+++ b/http/misconfiguration/redpanda-console.yaml
@ -0,0 +1,33 @@
+id: redpanda-console
+
+info:
+  name: Redpanda Console - Exposure
+  author: kh4sh3i
+  severity: medium
+  description: |
+    Unauthorized access to the Redpanda Console could allow attackers to view or manipulate streaming data, monitor clusters, or access configuration information, leading to potential data leaks or service disruption.
+  impact: |
+    Exposing the Redpanda Console to the public can result in unauthorized access, leading to data leaks, misconfigurations, or even denial of service attacks on the streaming infrastructure.
+  reference:
+    - https://github.com/redpanda-data/console
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: title:"Redpanda Console"
+  tags: misconfig,redpanda,console,streaming
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/overview"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Redpanda Console"
+
+      - type: status
+        status:
+          - 200
--- a/redpanda-console-detection.yaml
+++ b/redpanda-console-detection.yaml
@ -1,37 +0,0 @@
-id: redpanda-console-detection
-
-info:
-  name: Redpanda Console Detection
-  author: kh4sh3i
-  severity: info
-  description: |
-    Detects Redpanda Console, a UI for managing data streaming with Redpanda.
-  reference:
-    - https://github.com/redpanda-data/console
-  tags: redpanda, console, streaming, panel
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/"  # Target the base URL or specific common endpoint
-
-    matchers-condition: or
-    matchers:
-      - type: word
-        words:
-          - "Redpanda Console"  # Check for text that indicates Redpanda Console in the page body
-        part: body
-
-      - type: word
-        words:
-          - "Redpanda-Console"  # Custom headers or cookies specific to Redpanda Console
-        part: header
-
-      - type: status
-        status:
-          - 200
-
-      - type: word
-        words:
-          - "/static/js/main"  # Detect the presence of static files used by the UI
-        part: body