Fixed FP - kubernetes-etcd-keys

2023-11-20 14:44:11 +05:30 · 2023-11-20 14:44:11 +05:30 · ec7ff56511
parent 38851df326
commit ec7ff56511
1 changed files with 10 additions and 6 deletions
--- a/http/exposures/files/kubernetes-etcd-keys.yaml
+++ b/http/exposures/files/kubernetes-etcd-keys.yaml
@ -1,7 +1,7 @@
 id: kubernetes-etcd-keys

 info:
-  name: Kubernetes etcd Keys Exposure
+  name: Kubernetes etcd Keys - Exposure
  author: Hardik-Solanki
  severity: medium
  reference:
@ -19,15 +19,19 @@ http:

    matchers-condition: and
    matchers:
-      - type: word
+      - type: regex
        part: body
+        regex:
+          - '(?m)^-----BEGIN PRIVATE KEY-----'
+
+      - type: word
+        part: header
        words:
-          - 'BEGIN RSA PRIVATE KEY'
-          - 'END RSA PRIVATE KEY'
+          - "application/json"
+          - "application/html"
        condition: and
+        negative: true

      - type: status
        status:
          - 200
-
-# digest: 4a0a00473045022100ddcd09ba54d23434edd7e63ee886dd9f64da1346e3b76acccc1be6836d418dac022024943cef9731a68f36b915457434998f6c0550e6015cbb61d6ee2e5788664345:922c64590222798bb761d5b6d8e72950