mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-16 23:53:28 +08:00
33 lines
1.0 KiB
YAML
33 lines
1.0 KiB
YAML
id: google-adk-api-exposed
|
|
|
|
info:
|
|
name: Google ADK API Exposure
|
|
author: princechaddha
|
|
severity: unknown
|
|
description: |
|
|
Detects the exposure of the Google Agent Development Kit (ADK) API, which may lead to sensitive information disclosure or unauthorized access.
|
|
reference:
|
|
- https://google.github.io/adk-docs/
|
|
- https://github.com/google/adk-samples
|
|
metadata:
|
|
max-request: 1
|
|
verified: true
|
|
tags: adk,exposure,google,ai,agent,api,devops
|
|
|
|
http:
|
|
- raw:
|
|
- |
|
|
POST /apps/my_sample_agent/users/{{randstr}}/sessions/s_123 HTTP/1.1
|
|
Host: {{Hostname}}
|
|
Content-Type: application/json
|
|
|
|
{"state": {"key1": "value1", "key2": 42}}
|
|
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- '","userId":"{{randstr}}"'
|
|
- '{"id":"'
|
|
condition: and
|
|
# digest: 4a0a00473045022022512e6ca137ede7d5a3db81eabd463a30e13175648f086039237783f4db334e022100c44484921b18f9054e5a1fb6a30e63e918bca48f3ceb2012ae9d38da3fdef39b:922c64590222798bb761d5b6d8e72950 |