id: artifactory-anonymous-deploy info: name: Artifactory anonymous deploy author: panch0r3d severity: high reference: - https://www.errno.fr/artifactory/Attacking_Artifactory.html tags: artifactory metadata: max-request: 1 http: - method: GET path: - "{{BaseURL}}/artifactory/ui/repodata?deploy=true" matchers-condition: and matchers: - type: word words: - '"repoKey"' part: body - type: status status: - 200 - type: word words: - "application/json" part: header