Home Page

id: jupyter-notebooks-exposed

info:
  name: Jupyter notebooks exposed to reading and writing
  author: johnk3r
  severity: high
  description: Jupyter notebooks are exposed.
  reference:
    - https://blog.aquasec.com/python-ransomware-jupyter-notebook
  classification:
    cpe: cpe:2.3:a:jupyter:notebook:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: jupyter
    product: notebook
    shodan-query: title:"Home Page - Select or create a notebook"
  tags: jupyter,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    host-redirects: true
    max-redirects: 1

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        part: body
        words:
          - '<title>Home Page - Select or create a notebook</title>'
          - '<div> There are no notebooks running. </div>'
        condition: or
# digest: 4a0a00473045022100b0124b745239386fa1df10ede37200ad95d02a4a016b588f5163683a4689ae28022041918d48d658029cb0bc87aa4add38eb8958562b21c9c0495af41bd6a0885a5a:922c64590222798bb761d5b6d8e72950