id: browserless-debugger

info:
  name: Exposed Browserless debugger
  author: ggranjus
  severity: medium
  description: Browserless instance can be used to make web requests. May worth checking /workspace for juicy files.
  reference:
    - https://docs.browserless.io/docs/docker.html#securing-your-instance
  classification:
    cpe: cpe:2.3:a:browserless:chrome:*:*:*:*:node.js:*:*:*
  metadata:
    max-request: 1
    vendor: browserless
    product: chrome
    shodan-query: http.title:"browserless debugger"
  tags: browserless,unauth,debug,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>browserless debugger</title>"
          - "<code>Click the ► button to run your code.</code>"
        condition: or

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100d3cadbbef1f68af18efa8d49ae896ce5abc9a471a83eb6fc6993ca1148fe29da02201d8f70b14b3e3a51dfe4a949dbd80d29806d852c84d0874734c99a1fdbd13bda:922c64590222798bb761d5b6d8e72950