id: misconfigured-docker

info:
  name: Misconfigured Docker on Default Port
  author: dhiyaneshDK
  severity: critical
  reference: https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/attacking-docker-containers/misconfiguration.html
  tags: docker,unauth,devops

requests:
  - method: GET
    path:
      - "{{BaseURL}}/images/json"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '"ParentId":'
          - '"Container":'
          - '"Labels":'
        condition: and

      - type: status
        status:
          - 200