mirror of https://github.com/qwqdanchun/fscan.git
17 lines
595 B
YAML
17 lines
595 B
YAML
name: poc-yaml-docker-registry-api-unauth
|
|
rules:
|
|
- method: GET
|
|
path: /v2/
|
|
follow_redirects: false
|
|
expression: >
|
|
response.status == 200 && "docker-distribution-api-version" in response.headers && response.headers["docker-distribution-api-version"].contains("registry/2.0")
|
|
- method: GET
|
|
path: /v2/_catalog
|
|
follow_redirects: false
|
|
expression: >
|
|
response.status == 200 && response.content_type.contains("application/json") && response.body.bcontains(b"repositories")
|
|
detail:
|
|
author: p0wd3r
|
|
links:
|
|
- http://www.polaris-lab.com/index.php/archives/253/
|