26 lines
671 B
YAML
26 lines
671 B
YAML
id: detect-sentry
|
|
|
|
info:
|
|
name: Detect Sentry Instance
|
|
author: Sicksec
|
|
severity: info
|
|
reference:
|
|
- https://hackerone.com/reports/374737
|
|
- https://twitter.com/itsecurityguard/status/1127893545619218432?lang=en
|
|
metadata:
|
|
max-request: 1
|
|
tags: ssrf,sentry,tech,hackerone
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}"
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "https://[0-9a-f]*@[a-z0-9]+\\.[a-z.]+.?[0-9]+"
|
|
|
|
# digest: 4a0a0047304502206a337fc97e880044be0de01faa202ad1cca2f4d7b67fe461bcc11f49eea1515c022100dce81df0cb17f0ca0d72ae8ebb749658efe8cf379598fc331463ccb4b48cade3:922c64590222798bb761d5b6d8e72950
|