43 lines
1.0 KiB
YAML
43 lines
1.0 KiB
YAML
id: gcp-app-engine-enum
|
|
|
|
info:
|
|
name: GCP App Engine (Appspot) - Cloud Enumeration
|
|
author: initstring
|
|
severity: info
|
|
description: |
|
|
Searches for App Engine Apps in GCP.
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
tags: enum,cloud,cloud-enum,gcp
|
|
|
|
self-contained: true
|
|
|
|
variables:
|
|
BaseDNS: "appspot.com"
|
|
loginRedirect: "accounts.google.com"
|
|
|
|
http:
|
|
- raw:
|
|
- |
|
|
GET https://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
|
Host: {{wordlist}}.{{BaseDNS}}
|
|
|
|
redirects: false
|
|
|
|
attack: batteringram
|
|
threads: 10
|
|
|
|
matchers:
|
|
- type: dsl
|
|
name: "Open GCP App Engine App"
|
|
dsl:
|
|
- "status_code==200"
|
|
|
|
- type: dsl
|
|
name: "Protected GCP App Engine App"
|
|
dsl:
|
|
- "status_code==302"
|
|
- contains(location, "login")
|
|
condition: and
|
|
# digest: 490a00463044022049b2ab788a102342c3ee4b36d87315f145c3e963f1bd8389d1b2d9f90540f05402203bb1fa138a4e29c568c6bd421cb97c526e822c25fc952368295259787bc159d4:922c64590222798bb761d5b6d8e72950 |