id: grafana-public-signup info: name: Grafana Public Signup author: pdteam severity: medium metadata: shodan-query: title:"Grafana" tags: grafana,intrusive requests: - raw: - | POST /api/user/signup/step2 HTTP/1.1 Host: {{Hostname}} content-type: application/json Origin: {{BaseURL}} Referer: {{BaseURL}} {"username":"{{randstr}}","password":"{{randstr_1}}"} matchers-condition: and matchers: - type: word words: - "User sign up completed successfully" - type: word words: - "grafana_sess" - "grafana_user" condition: and part: header - type: status status: - 200