Additional modules

detectify · Jun 4, 2021 · b293beb · b293beb
1 parent 9580f33
commit b293beb
Show file tree

Hide file tree

Showing 7 changed files with 102 additions and 0 deletions.
diff --git a/modules/apache-ambari-default-credentials.json b/modules/apache-ambari-default-credentials.json
@@ -0,0 +1,20 @@
+{
+	"request": {
+		"path": "/api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name",
+		"headers": [
+			"Authorization: Basic YWRtaW46YWRtaW4="
+		]
+	},
+	"response": {
+		"matchesRequired": 5,
+		"matches": [
+			{"type": "status", "code": 200, "required": true},
+			{"type": "static", "pattern": "active"},
+			{"type": "static", "pattern": "admin"},
+			{"type": "static", "pattern": "groups"},
+			{"type": "static", "pattern": "ldap_user"},
+			{"type": "static", "pattern": "user_name"},
+			{"type": "static", "pattern": "user_type"}
+		]
+	}
+}
diff --git a/modules/exposed-docker-socket.json b/modules/exposed-docker-socket.json
@@ -0,0 +1,19 @@
+{
+	"request": {
+		"path": "containers/json"
+	},
+	"response": {
+		"matchesRequired": 5,
+		"matches": [
+			{"type": "status", "code": 200, "required": true},
+			{"type": "header", "name": "Content-Type", "pattern": "(?i)application/json", "required": true},
+			{"type": "static", "pattern": "\"Id\"", "required": true},
+			{"type": "static", "pattern": "\"Names\""},
+			{"type": "static", "pattern": "\"Image\""},
+			{"type": "static", "pattern": "\"ImageID\""},
+			{"type": "static", "pattern": "\"Command\""},
+			{"type": "static", "pattern": "\"Created\""},
+			{"type": "static", "pattern": "\"State\""}
+		]
+	}
+}
diff --git a/modules/exposed-jquery-file-upload.json b/modules/exposed-jquery-file-upload.json
@@ -0,0 +1,12 @@
+{
+	"request": {
+		"path": "jquery-file-upload/server/php/"
+	},
+	"response": {
+		"matchesRequired": 2,
+		"matches": [
+			{"type": "status", "code": 200, "required": true},
+			{"type": "regex", "pattern": "^{\"files\":"}
+		]
+	}
+}
diff --git a/modules/exposed-nginx-status.json b/modules/exposed-nginx-status.json
@@ -0,0 +1,11 @@
+{
+	"request": {
+		"path": "/nginx_status"
+	},
+	"response": {
+		"matchesRequired": 1,
+		"matches": [
+			{"type": "static", "pattern": "server accepts handled requests"}
+		]
+	}
+}
diff --git a/modules/http-response-splitting.json b/modules/http-response-splitting.json
@@ -0,0 +1,11 @@
+{
+	"request": {
+		"path": "/%0d%0ahrs:hrs"
+	},
+	"response": {
+		"matchesRequired": 1,
+		"matches": [
+			{"type": "header", "name": "hrs", "pattern": "."}
+		]
+	}
+}
diff --git a/modules/open-redirect-1.json b/modules/open-redirect-1.json
@@ -0,0 +1,13 @@
+{
+	"request": {
+		"path": "//example.com"
+	},
+	"response": {
+		"matchesRequired": 2,
+		"matches": [
+			{"type": "status", "code": 301},
+			{"type": "status", "code": 302},
+			{"type": "header", "name": "Location", "pattern": "(?i)^//example.om"}
+		]
+	}
+}
diff --git a/modules/spring-boot-env-route.json b/modules/spring-boot-env-route.json
@@ -0,0 +1,16 @@
+{
+	"request": {
+		"path": "/actuator/env"
+	},
+	"response": {
+		"matchesRequired": 6,
+		"matches": [
+			{"type": "status", "code": 200, "required": true},
+			{"type": "header", "name": "Content-Type", "pattern": "(?i)application/json", "required": true},
+			{"type": "static", "pattern": "\"profiles"},
+			{"type": "static", "pattern": "\"servletContextInitParams"},
+			{"type": "static", "pattern": "\"systemProperties"},
+			{"type": "static", "pattern": "\"systemEnvironment"}
+		]
+	}
+}