33 lines
932 B
YAML
33 lines
932 B
YAML
id: jenkins-stack-trace
|
|
|
|
info:
|
|
name: Detect Jenkins in Debug Mode with Stack Traces Enabled
|
|
author: Dheerajmadhukar
|
|
severity: low
|
|
description: Module identified that the affected host is running an instance of Jenkins in debug mode, as a result stack traces are enabled.
|
|
reference:
|
|
- https://hackerone.com/reports/221833
|
|
metadata:
|
|
max-request: 1
|
|
tags: jenkins,hackerone
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/adjuncts/3a890183/"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "java.lang.StringIndexOutOfBoundsException"
|
|
- "String index out of range"
|
|
part: body
|
|
condition: and
|
|
|
|
- type: status
|
|
status:
|
|
- 500
|
|
|
|
# digest: 4b0a0048304602210090ecedd6e0a611f869394ae2afb7ee2b8fff8fed8cbfff1998250e38da3c79b9022100968c144032a3920ab6ce1e034b707724c5ddc8697cb6c3b1514d1233d75f6022:922c64590222798bb761d5b6d8e72950
|