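id: stackhawk-api

info:
  name: StackHawk API Key
  author: DhiyaneshDK
  severity: high
  description: |
    Looks for a StackHawk API key (hawk.<20 chars>.<20 chars>) in the body of
    the base URL, then confirms the key is live by authenticating with it
    against the StackHawk login endpoint. The confirmation step sends the
    discovered key to api.stackhawk.com (an out-of-band, active check that
    creates a login on the key owner's account), so confirm this is within the
    rules of engagement before running it.
  reference:
    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/stackhawk.yml
    - https://apidocs.stackhawk.com/reference/login
    - https://docs.stackhawk.com/web-app/
  metadata:
    verified: true
    # NOTE(review): a hit issues two requests (page fetch + vendor login);
    # confirm whether this should be 2 rather than 1.
    max-request: 1
  tags: stackhawk,token,exposure,vuln

# The login request only runs when the first request captured a key.
flow: http(1) && http(2)

http:
  # 1. Harvest a candidate key from the base page.
  #    This must be an extractor, not a matcher: only a named extractor with
  #    internal: true populates the {{token}} variable used by request 2.
  #    (The original had this under matchers:, which never stores a value, so
  #    {{token}} stayed unresolved in the login request.)
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        name: token
        # Capture group 1 is the bare key (the pattern is taken from the
        # referenced Nosey Parker rule).
        group: 1
        regex:
          - '\b(hawk\.[0-9A-Za-z_-]{20}\.[0-9A-Za-z_-]{20})\b'
        internal: true

  # 2. Validate the key against the vendor API. A 200 JSON response whose body
  #    contains "token" is treated as a live key. That response carries the
  #    account's auth token (an access token per the referenced login docs), so
  #    avoid response-capturing flags such as -debug / -store-resp unless the
  #    output is handled as sensitive.
  - raw:
      - |
        @Host: https://api.stackhawk.com:443
        GET /api/v1/auth/login HTTP/1.1
        Host: api.stackhawk.com
        X-ApiKey: {{token}}
        Accept: application/json

    # The raw request targets api.stackhawk.com, not the scanned host; keep the
    # scan target's path from being merged into it.
    disable-path-automerge: true
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(body, "token")'
          - 'contains(content_type, "application/json")'
        condition: and

    # Surfaces the confirmed key in the finding output. The scan output therefore
    # contains a working credential; store and share it accordingly.
    extractors:
      - type: dsl
        dsl:
          - token

# NOTE(review): the digest below was computed over the original template and no
# longer matches this edited content; re-sign the template (nuclei -sign) or
# nuclei will report the signature as invalid/modified.
# digest: 490a0046304402203b18b831bf66d063f0f33a92d6a61dd58ac2cdfbd0b75c42623341ba3cbf831802201ae0ac117fc991898acb82def5621d0a80ae077cbc73f230584af10066b11d56:922c64590222798bb761d5b6d8e72950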