nuclei-templates/exposures/configs/azure-domain-tenant.yaml

40 lines
1.1 KiB
YAML

id: azure-domain-tenant
info:
name: Microsoft Azure - Domain Tenant ID - Detect
author: V0idC0de
severity: info
description: Microsoft Azure Domain Tenant ID was detected. Checks if the domain is part of an Azure tenant and finds the ID using Azure's OpenID discovery page.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
reference: https://azure.microsoft.com
tags: azure,microsoft,cloud
requests:
- raw:
- |
@Host: https://login.microsoftonline.com:443
GET /{{Host}}/v2.0/.well-known/openid-configuration HTTP/1.1
Host: login.microsoftonline.com
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "token_endpoint"
extractors:
- type: regex
part: body
group: 1
regex:
- "\"https:\\/\\/login\\.microsoftonline\\.com\\/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})"
# Enhanced by mp on 2023/02/05