Skip to content

Commit

Permalink
Create IBM Friendly Path Publicly Accessible.bcheck
Browse files Browse the repository at this point in the history
  • Loading branch information
@Anof-cyber
Anof-cyber authored Jul 7, 2023
1 parent 39d79b2 commit 291085d
Showing 1 changed file with 26 additions and 0 deletions.
26 changes: 26 additions & 0 deletions other/IBM Friendly Path Publicly Accessible.bcheck
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
metadata:
language: v1-beta
name: "IBM Friendly Path Publicly Accessible"
description: "IBM Friendly Path and Sign Up page is publicly accessible"
author: "Sourav Kalal"

run for each:
potential_path =
"/wps/portal/client/welcome/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8ziHd3DQgMNnM3N_M1DjA08PX0NgoNcnQwt3Ez1wwkpiAJKG-AAjgb6BbmhigBypoQ7/dz/d5/L2dBISEvZ0FBIS9nQSEh/?uri=nm:oid:Z6_00000000000000A0BR2B300GG2",
"/wps/portal/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8ziDVCAo4FTkJGTsYGBu7uRfjhYgaN7WGiggbO5mb95iLGBp6evQXCQq5OhhZupfhSGfmSToPrxWEBAf0FuaCgAb7VcBA!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/dz/d5/L0lJSkdKSUtVSklKQ2dwUkNncFJBL29Od3dBQUFZUUFBRUl3UWxDVTVBQUdNSUtTcEtGTFJ0R0ZvIS80TmxFTklVTVFuRmR1WXBNaFFUVWs1Q2ltcHBBL1o2XzAwMDAwMDAwMDAwMDAwQTBCUjJCMzAwR1YwL1o3XzAwMDAwMDAwMDAwMDAwQTBCUjJCMzAwSU8wL25vcm1hbC9PQ04vWjZfMDAwMDAwMDAwMDAwMDBBMEJSMkIzMDBHRzIvYW8vdGht/#Z7_00000000000000A0BR2B300IO0",
"/wps/portal/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8ziHd3DQgMNnM3N_M1DjA08PX0NgoNcnQwt3Ez1wwkpiAJKG-AAjgb6BbmhigBypoQ7/dz/d5/L2dBISEvZ0FBIS9nQSEh/?uri=nm:oid:Z6_00000000000000A0BR2B300GG2",
"/wps/portal/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8ziDVCAo4FTkJGTsYGBu7uRfjhYgaN7WGiggbO5mb95iLGBp6evQXCQq5OhhZupfhSGfmSToPrxWEBQfxRYSYCHh5mHoYWBj7-RL1DC1y3M2NXCx9jA3RiqAI8ZBbmhEQaZjooABQv7ag!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/dz/d5/L0lJSkdKSUtVSklKQ2dwUkNncFJBL29Od3dBQUFZUUFBRUl3UWxDVTVBQUdNSUtTcEtGTFJ0R0ZvIS80TmxFTklVTVFuRmR1WXBNaFFUVWs1Q2ltcHBBL1o2XzAwMDAwMDAwMDAwMDAwQTBCUjJCMzAwR1YwL1o3XzAwMDAwMDAwMDAwMDAwQTBCUjJCMzAwSU8wL25vcm1hbC9PQ04vWjZfMDAwMDAwMDAwMDAwMDBBMEJSMkIzMDBHRzIvYW8vdGht/#Z7_00000000000000A0BR2B300IO0",
"/wps/portal/!ut/p/z1/pZHBDoIwDIYfqZVF4DoIEg5KBEHWi9mBIAnbjCEefHqH8SARJNGe2qRf_78tEFRAWt7aRvat0bKztSD3hKPgGGROwBDjEuH4bOBxWewx9NzUOzBMki3mWRSs_M0a6IN_n_Ti5wRiZ4Kf0J9r8PEXfmTwL_0Sl_YXlvfm-CRFKLS5KvuJHAgoDXeL9wKSBkR_VkPa6QZEra1N-rrJcKglqxdV2KjuEVM-czP-AKyJL-g!/dz/d5/L2dBISEvZ0FBIS9nQSEh/#Z7_00000000000000A0BR2B300IO0"

given host then
send request called check:
method: "GET"
path: {potential_path}

if {check.response.status_code} is "200" and "Friendly path" in {check.response.body} or "Sign Up" in {check.response.body} or "My Profile" in {check.response.body} then
report issue:
severity: medium
confidence: firm
detail: `IBM Friendly Path found at {potential_path}.`
remediation: "Upgrade the WebSphere Portal."
end if

0 comments on commit 291085d

Please sign in to comment.