Merge pull request #1218 from projectdiscovery/detect-aws-services
Templates to detect cloud storage servicespatch-1
commit
ec9fe4ff55
|
@ -4,7 +4,7 @@ info:
|
||||||
name: Dockerrun AWS Configuration Exposure
|
name: Dockerrun AWS Configuration Exposure
|
||||||
author: pdteam
|
author: pdteam
|
||||||
severity: medium
|
severity: medium
|
||||||
tags: config,exposure
|
tags: config,exposure,aws
|
||||||
|
|
||||||
requests:
|
requests:
|
||||||
- method: GET
|
- method: GET
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
id: aws-bucket-service
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Detect websites using AWS bucket storage
|
||||||
|
author: pdteam
|
||||||
|
severity: info
|
||||||
|
tags: aws,tech
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: dsl
|
||||||
|
dsl:
|
||||||
|
- contains(tolower(all_headers), 'x-amz-bucket')
|
||||||
|
- contains(tolower(all_headers), 'x-amz-request')
|
||||||
|
- contains(tolower(all_headers), 'x-amz-id')
|
||||||
|
- contains(tolower(all_headers), 'AmazonS3')
|
||||||
|
part: header
|
||||||
|
condition: or
|
||||||
|
|
||||||
|
- type: dsl
|
||||||
|
dsl:
|
||||||
|
- contains(tolower(all_headers), 'x-guploader-uploadid')
|
||||||
|
part: header
|
||||||
|
negative: true
|
|
@ -0,0 +1,25 @@
|
||||||
|
id: google-bucket-service
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Detect websites using Google bucket storage
|
||||||
|
author: pdteam
|
||||||
|
severity: info
|
||||||
|
tags: google,tech
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}"
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: dsl
|
||||||
|
dsl:
|
||||||
|
- contains(tolower(all_headers), 'x-goog-component-count')
|
||||||
|
- contains(tolower(all_headers), 'x-goog-expiration')
|
||||||
|
- contains(tolower(all_headers), 'x-goog-generation')
|
||||||
|
- contains(tolower(all_headers), 'x-goog-metageneration')
|
||||||
|
- contains(tolower(all_headers), 'x-goog-stored-content-encoding')
|
||||||
|
- contains(tolower(all_headers), 'x-goog-stored-content-length')
|
||||||
|
- contains(tolower(all_headers), 'x-guploader-uploadid')
|
||||||
|
part: header
|
||||||
|
condition: or
|
Loading…
Reference in New Issue