id: grafana-public-signup

info:
  name: Grafana Public Signup
  author: pdteam
  severity: medium
  description: Public Signup is enabled on Grafana.
  classification:
    cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: grafana
    product: grafana
    shodan-query: title:"Grafana"
  tags: grafana,intrusive,misconfig

http:
  - raw:
      - |
        POST /api/user/signup/step2 HTTP/1.1
        Host: {{Hostname}}
        content-type: application/json
        Origin: {{BaseURL}}
        Referer: {{BaseURL}}

        {"username":"{{randstr}}","password":"{{randstr_1}}"}

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "User sign up completed successfully"

      - type: word
        words:
          - "grafana_sess"
          - "grafana_user"
        condition: and
        part: header

      - type: status
        status:
          - 200
# digest: 490a00463044022002df65277ad704773a11a11377b60fb72c7b39864f0d9f67f2059b5730098374022052d964e7c701ff9d9305ea24c610541d6ba6034eaefe2b44e6bea7f33249ef27:922c64590222798bb761d5b6d8e72950