Multiple Docker Compose configuration files were detected. The configuration allows deploy, combine and configure operations on multiple containers at the same time. The default is to outsource each process to its own container, which is then publicly accessible.
PoC代码[已公开]
id: docker-compose-config
info:
name: Docker Compose - Detect
author: meme-lord,blckraven,geeknik
severity: medium
description: Multiple Docker Compose configuration files were detected. The configuration allows deploy, combine and configure operations on multiple containers at the same time. The default is to outsource each process to its own container, which is then publicly accessible.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
metadata:
max-request: 7
tags: config,exposure,devops,vuln
http:
- method: GET
host-redirects: true
max-redirects: 3
path:
- "{{BaseURL}}/docker-compose.yml"
- "{{BaseURL}}/docker-compose.prod.yml"
- "{{BaseURL}}/docker-compose.production.yml"
- "{{BaseURL}}/docker-compose.staging.yml"
- "{{BaseURL}}/docker-compose.dev.yml"
- "{{BaseURL}}/docker-compose-dev.yml"
- "{{BaseURL}}/docker-compose.override.yml"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'regex("^version: ", body) && contains(body, "services:")'
- type: status
status:
- 200
# digest: 490a0046304402204eca9a276bd21dbcfa497a66fd256e5ab587dd679885b685dcb1e10c74d94c1602201ab20179b059adf6f3cbe3525f95d75503f4a765a437496d90d4bdf136469523:922c64590222798bb761d5b6d8e72950