nuclei-templates/http/token-spray/api-google-drive.yaml

27 lines
592 B
YAML

id: api-google-drive
info:
name: Google Drive API Test
author: geeknik
severity: info
reference:
- https://developers.google.com/drive/api/guides/about-sdk
metadata:
max-request: 1
tags: token-spray,google,drive,intrusive
self-contained: true
http:
- raw:
- |
GET https://www.googleapis.com/drive/v3/files/{{randstr}}.txt/%3fkey={{token}}&supportsAllDrives=true HTTP/1.1
Referer: {{referer}}
Content-Type:application/json
matchers:
- type: word
part: body
words:
- 'File not found: {{randstr}}.txt.'