nuclei-templates/cloud/enum/gcp-app-engine-enum.yaml

42 lines
1000 B
YAML

id: gcp-app-engine-enum
info:
name: GCP App Engine (Appspot) - Cloud Enumeration
author: initstring
severity: info
description: |
Searches for App Engine Apps in GCP.
metadata:
verified: true
tags: cloud,cloud-enum,gcp
self-contained: true
variables:
BaseDNS: "appspot.com"
loginRedirect: "accounts.google.com"
http:
- raw:
- |
GET https://{{wordlist}}.{{BaseDNS}} HTTP/1.1
Host: {{wordlist}}.{{BaseDNS}}
redirects: false
attack: batteringram
threads: 10
matchers:
- type: dsl
name: "Open GCP App Engine App"
dsl:
- "status_code==200"
- type: dsl
name: "Protected GCP App Engine App"
dsl:
- "status_code==302"
- contains(location, "login")
condition: and
# digest: 490a0046304402204edc5a3fc90ff80b8397219e37a716d5b582c9821dbb0edda2c52c585aa241ca022067b0c7178f7f345975f765bdd56afc967505028e459ed113c8fbd450a1dcb76a:922c64590222798bb761d5b6d8e72950