id: firebase-detect

info:
  name: firebase detect
  author: organiccrap
  severity: low
  reference:
    - http://ghostlulz.com/google-exposed-firebase-database/
  metadata:
    max-request: 1
  tags: tech,firebase

http:
  - method: GET
    path:
      - "{{BaseURL}}/.settings/rules.json?auth=FIREBASE_SECRET"

    matchers:
      - type: word
        words:
          - "Could not parse auth token"
        part: body

# digest: 4a0a00473045022100c2dec8c69638efcc2d55ad6cfde5419057614ea3c62e2c49ec01a2af86b8041f0220371d8d74d6d140046f47dae8f42a3a73541c770487702efa4e72fdfaa38857e2:922c64590222798bb761d5b6d8e72950