30 lines
1.0 KiB
YAML
30 lines
1.0 KiB
YAML
id: apache-couchdb-unauth
|
|
|
|
info:
|
|
name: Apache CouchDB - Unauthenticated Access
|
|
author: SleepingBag945
|
|
severity: high
|
|
description: Apache CouchDB is exposed to external users.
|
|
reference:
|
|
- https://github.com/ax1sX/SecurityList/blob/main/Database/CouchDB.md
|
|
- https://github.com/taomujian/linbing/blob/master/python/app/plugins/http/CouchDB/Couchdb_Unauthorized.py
|
|
- https://github.com/mubix/tools/blob/master/nmap/scripts/couchdb-stats.nse
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
shodan-query: product:"CouchDB"
|
|
fofa-query: app="APACHE-CouchDB"
|
|
tags: apache,couchdb,unauth,misconfig
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/_config"
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- 'status_code == 200'
|
|
- 'contains(body,"httpd_design_handlers") && contains(body,"external_manager")'
|
|
condition: and
|
|
# digest: 4a0a00473045022053008792f061ef833f044b7439346118cb7fdcf5a5a1a381b7f70598bc2559e40221008379416ef2b9276ab8421a73d9b0e2e515ba722ee7a9529ed35fe12adad9c6e4:922c64590222798bb761d5b6d8e72950 |