nuclei-templates/http/exposed-panels/jupyter-notebook.yaml

45 lines
1.0 KiB
YAML

id: jupyter-notebook
info:
name: Jupyter Notebook Login Panel - Detect
author: hakimkt,arafatansari
severity: info
description: |
Jupyter Notebook login panel was detected.
reference:
- https://www.exploit-db.com/ghdb/7970
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata:
max-request: 4
shodan-query: http.html:"JupyterHub"
tags: edb,panel,jupyter,notebook,exposure
http:
- method: GET
path:
- "{{BaseURL}}/jupyter/login"
- "{{BaseURL}}/jupyter/lab"
- "{{BaseURL}}/jupyter/hub/lti/launch"
- "{{BaseURL}}/hub/login"
stop-at-first-match: true
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
part: body
words:
- '/jupyter/static/base/images/logo.png'
- '/jupyter/hub/logo'
- 'Select items to perform actions on them.'
- 'JupyterHub'
condition: or
- type: status
status:
- 200