id: docker-registry

info:
  name: Docker Registry Listing
  author: puzzlepeaches
  severity: medium
  reference:
    - https://notsosecure.com/anatomy-of-a-hack-docker-registry
  metadata:
    max-request: 1
  tags: misconfig,docker,devops

http:
  - method: GET
    path:
      - "{{BaseURL}}/v2/_catalog"

    host-redirects: true
    max-redirects: 1

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"repositories":'

      - type: word
        part: header
        words:
          - "application/json"

# digest: 4a0a0047304502202a56ccb024ab1f1d1faf45c4dc619dce41eab58fba49a1bd5bca788260336015022100da95283baa981fb4c1be1a773268797d61cfdf50e45cc354c5b08a56490f9819:922c64590222798bb761d5b6d8e72950