id: http-etcd-unauthenticated-api-data-leak

info:
  name: etcd Unauthenticated HTTP API Leak
  author: dhiyaneshDk
  severity: high
  description: etcd HTTP API is exposed.
  reference:
    - https://hackerone.com/reports/1088429
  metadata:
    max-request: 1
  tags: misconfig,hackerone,unauth,etcd

http:
  - method: GET
    path:
      - "{{BaseURL}}/v2/auth/roles"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"roles"'
          - '"permissions"'
          - '"role"'
          - '"kv"'
        condition: and

      - type: word
        part: header
        words:
          - "text/plain"
          - "application/json"
        condition: or

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100a7178bbf2e2319e122dd555e733acfe6538526f136c354a8907e30108cfae374022100b8d4ac49e2af80e929978f186b6a11ed370e56b2feaa4133496be1416e702176:922c64590222798bb761d5b6d8e72950