id: jenkins-crumb-token

info:
  name: Jenkins Token or Crumb
  author: DhiyaneshDK
  severity: info
  reference:
    - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/jenkins.yml
    - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/
    - https://www.jenkins.io/doc/book/security/csrf-protection/
  metadata:
    verified: true
    max-request: 1
  tags: jenkins,crumb,token,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b'

# digest: 4a0a00473045022100b54b088e142e1bbbd9d7af5a749f1df8cefeecbd1210c6b215e9edb2345dd4f102202de913832b102cce7955fa49691cbbd4361a0b729a9d08eb13c6ce1ab56a1329:922c64590222798bb761d5b6d8e72950