mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-10 20:53:27 +08:00
34 lines
853 B
YAML
34 lines
853 B
YAML
id: artifactory-anonymous-deploy
|
|
|
|
info:
|
|
name: Artifactory anonymous deploy
|
|
author: panch0r3d
|
|
severity: high
|
|
description: Artifactory anonymous repo is exposed.
|
|
reference:
|
|
- https://www.errno.fr/artifactory/Attacking_Artifactory.html
|
|
metadata:
|
|
max-request: 1
|
|
tags: artifactory,misconfig
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/artifactory/ui/repodata?deploy=true"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- '"repoKey"'
|
|
part: body
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
- type: word
|
|
words:
|
|
- "application/json"
|
|
part: header
|
|
# digest: 4a0a004730450221008f70c6820fad0c26ac70c3848917dd00b192d367bc72dac945d82d34fd32da5602202b3d192b07fc3223a2032e5e4abe86436245af00cf831d9789181d8ac5ff71d5:922c64590222798bb761d5b6d8e72950 |