2023-04-21 01:39:49 +05:30
|
|
|
id: sql-server-reportviewer
|
2023-04-20 10:17:10 +02:00
|
|
|
|
|
|
|
|
info:
|
2023-04-21 01:39:49 +05:30
|
|
|
name: SQL Server ReportViewer - Exposure
|
2023-04-20 10:17:10 +02:00
|
|
|
author: kazet
|
|
|
|
|
severity: high
|
2024-01-03 11:38:41 +05:30
|
|
|
description: SQL Server ReportViewer page exposed.
|
2023-04-20 10:17:10 +02:00
|
|
|
reference:
|
|
|
|
|
- https://learn.microsoft.com/en-us/sql/reporting-services/create-deploy-and-manage-mobile-and-paginated-reports?view=sql-server-ver16
|
2023-04-21 01:39:49 +05:30
|
|
|
metadata:
|
2023-06-04 13:43:42 +05:30
|
|
|
verified: true
|
2023-10-14 16:57:55 +05:30
|
|
|
max-request: 2
|
2023-04-21 01:39:49 +05:30
|
|
|
google-query: inurl:"/Reports/Pages/Folder.aspx"
|
|
|
|
|
tags: misconfig,sql,report,exposure
|
2023-04-20 10:17:10 +02:00
|
|
|
|
2023-04-27 09:58:59 +05:30
|
|
|
http:
|
2023-04-21 01:39:49 +05:30
|
|
|
- raw:
|
|
|
|
|
- |
|
|
|
|
|
GET /Reports/Pages/Folder.aspx HTTP/1.1
|
|
|
|
|
Host: {{Hostname}}
|
|
|
|
|
- |
|
|
|
|
|
GET /ReportServer/Pages/Folder.aspx HTTP/1.1
|
|
|
|
|
Host: {{Hostname}}
|
2023-04-20 10:17:10 +02:00
|
|
|
|
2023-04-21 01:39:49 +05:30
|
|
|
matchers:
|
|
|
|
|
- type: dsl
|
|
|
|
|
dsl:
|
|
|
|
|
- "status_code_1 == 200 && status_code_2 != 401"
|
|
|
|
|
- "contains(body, 'Data Source') && contains(body, 'SQL Server Reporting Services')"
|
|
|
|
|
condition: and
|
2024-01-15 11:49:24 +00:00
|
|
|
# digest: 4b0a004830460221008feccb6f64b565bdc0c250a76bf836e3fa99a59c5a9b7f80327b4f4628fdeaa60221008a23345dd57c7dbbce3370ad35499b7aaf50fe496815d0d9c30740b73e81bccf:922c64590222798bb761d5b6d8e72950
|
