id: grafana-public-signup

info:
  name: Grafana Public Signup
  author: pdteam
  severity: medium
  description: Public Signup is enabled on Grafana.
  metadata:
    max-request: 1
    shodan-query: title:"Grafana"
  tags: grafana,intrusive,misconfig

http:
  - raw:
      - |
        POST /api/user/signup/step2 HTTP/1.1
        Host: {{Hostname}}
        content-type: application/json
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}

        {"username":"{{randstr}}","password":"{{randstr_1}}"}

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "User sign up completed successfully"

      - type: word
        words:
          - "grafana_sess"
          - "grafana_user"
        condition: and
        part: header

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100cd9ddfa8c2baf843acc831480d26b30f6b6def4ceea41aa31c1d77cfc01ff8c40221009ca95c5f33cc23f93870f8fd3732b58e09571c68925449b31fcebdc136fb8e32:922c64590222798bb761d5b6d8e72950