I have made this personal nuclei template to detect if directory listing is enabled on a wordpress site, this template should request the endpoint /wp-content/uploads.and it does a regex match of the string "Index of", if found it should return the result, but so far i'm having this "context deadline exceeded"
Here's the template:
`
id: wordpress-directory-listing
info:
name: /wp-content/uploads - Directory Listing Enabled
author: winteri3coming
severity: high
description: detects if directory listing is enabled at /wp-content/uploads/.
tags: wordpress
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/uploads/"
unsafe: true
matchers:
- type: regex
regex:
- "[Ii]ndex of"
`
i've tried changing the request type to raw and back to basic and it didn't work, what could be the reason and how to fix it, what is wrong with my template, knowing that if i run other templates from the project discovery repo, they work just fine.
Related
I'm programming my own website with symfony 4.2.8 and it's bundle, that is sonata admin. At First, I had installed the symfony and it's bundle sonata amdin. And according to configuration guides, I configured sonata admin bundle. Everything is ok until I configure dashboard groups. I don't know What is my fault in my configuration.
Error Message : An exception has been thrown during the rendering of a template ("Admin service "sonata.admin.user" not found in admin pool. Did you mean "app.admin.user" or one of those: []?").
http://enagape.net/admin/dashboard
My configuration is like these.
in config/packages/sonata_admin.yaml.
sonata_admin:
#persist_filters: true
#filter_persister: filter_persister_service_id
title: 'Sonata Admin'
dashboard:
blocks:
# display two dashboard blocks
-
position: left
type: sonata.admin.block.admin_list
settings:
groups: [users, pages, blog]
groups:
users:
label: Users
label_catalogue: ~
items:
- sonata.admin.user
# - sonata.admin.group
pages:
label: Pages
label_catalogue: ~
items:
# - sonata.admin.page
# - sonata.admin.site
blog:
label: Blog
label_catalogue: ~
items:
- sonata.admin.post
# - sonata.admin.comment
# - sonata.admin.category
# - sonata.admin.tag
sonata_block:
blocks:
sonata.admin.block.admin_list:
contexts: [admin]
And in config/services.yaml.
parameters:
locale: 'en'
services:
# default configuration for services in *this* file
_defaults:
autowire: true # Automatically injects dependencies in your services.
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
# makes classes in src/ available to be used as services
# this creates a service per class whose id is the fully-qualified class name
App\:
resource: '../src/*'
exclude: '../src/{DependencyInjection,Entity,Migrations,Tests,Kernel.php}'
# controllers are imported separately to make sure services can be injected
# as action arguments even if you don't extend any base controller class
App\Controller\:
resource: '../src/Controller'
tags: ['controller.service_arguments']
# add more service definitions when explicit configuration is needed
# please note that last definitions always *replace* previous ones
# <Entity>Admin class
App\Admin\:
resource: '../src/Admin'
# for user
app.admin.user:
class: App\Admin\UserAdmin
arguments:
- ~
- App\Entity\User
- ~
tags:
-
name: sonata.admin
manager_type: orm
label: User
group: users
#filter_persister: filter_persister_service_id
# for post
app.admin.post:
class: App\Admin\PostAdmin
arguments:
- ~
- App\Entity\Post
- ~
tags:
-
name: sonata.admin
manager_type: orm
label: Post
group: blog
#filter_persister: filter_persister_service_id
I found a solution to configure sonata admin. This is best way to make wonderful admin.
After installation of sonata admin bundle, you can use symfony console.
For example,
php bin/console make:sonata:admin
That's it, you just enter the upper command line.
My web service API will check whether a certain cookie is included in the requests, but I couldn't figure out how to include a cookie to my swagger doc api calls.
I've tried two approaches:
Adding cookie as a editable field like this in my .yaml file.
paths:
/myApi/create:
parameters:
- name: Cookie
in: header
description: cookie
required: true
type: string
In the html file of swagger ui, add
window.authorizations.add(
"Cookie",
new ApiKeyAuthorization("Cookie", 'Name=Val', 'header')
)
But in both of the approach my api doesn't get the cookie, I was wondering how I can do this? Thanks!
OpenAPI/Swagger spec 2.0 does not support cookie authentication. For the next version (3.0), the discussion to support it can be found in the following:
https://github.com/OAI/OpenAPI-Specification/issues/15
UPDATE: OpenAPI spec 3.0 will support cookie: https://github.com/OAI/OpenAPI-Specification/blob/OpenAPI.next/versions/3.0.md#parameter-locations
Maybe it is too late, but you should check the following example:
swagger: '2.0'
info:
version: '1'
title: With Cookie Authentication
description: With Cookie Authentication
securityDefinitions:
myCookie:
type: apiKey
name: Cookie
in: header
paths:
/say-hi:
get:
summary: Say Hello
description: Say Hello
responses:
200:
description: OK
security:
- myCookie: []
I'm using the
http://splix.github.io/grails-spring-security-facebook/index.html
java version "1.8.0_91"
Grails Version: 3.0.9 & Groovy Version: 2.4.5
I'm not sure where is is being inserted at. I've added the appid to application.yml, application.groovy, src\main\resources\application.properties.
````
DEBUG com.the6hours.grails.springsecurity.facebook.SpringSecurityFacebookGrailsPlugin - Facebook security config: [appId
:********, secret:********, apiKey:Invalid, domain:[classname:com.spontorg.FacebookUser, appUserConnectionPropertyName:u
ser], useAjax:true, autoCheck:true, jsconf:fbSecurity, permissions:[email, user_friends, public_profile], taglib:[langua
ge:en_US, button:[text:Login with Facebook], initfb:true], autoCreate:[enabled:true, roles:[ROLE_USER, ROLE_FACEBOOK]],
filter:[json:[processUrl:/j_spring_security_facebook_json, type:json, methods:[POST]], redirect:[redirectFromUrl:/j_spri
ng_security_facebook_redirect], processUrl:/j_spring_security_facebook_check, type:redirect, position:720, forceLoginPar
ameter:j_spring_facebook_force], beans:[:], host:localhost]
....
DEBUG com.the6hours.grails.springsecurity.facebook.FacebookAuthUtils - Redirect to http://127.0.0.1:8080/j_spring_securi
ty_facebook_check
`````
afterwards the URL redirect is
````
Location:https://www.facebook.com/dialog/oauth?client_id=962223610477458&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fj_spring_security_facebook_check&scope=email%2Cuser_friends%2Cpublic_profile&state=0-c68ca
````
then i get an error 72, and some message about the app is setup for public access, etc.
WELP...
It was me, i must have copy/pasted that in and never looked closely enough. IDK?
I checked the source code & it was pretty clearly pulling that value, rechecked and DOH!
finally got it, you need to match the host: with the value you put in ont the facebook app or it pukes again with a different error.
grails:
plugin:
springsecurity:
facebook:
appId: '###########'
secret: 'asfd!##$asfdasfd!#'
domain:
classname: 'com.domain.FacebookUser'
host: live.yourdomain.com
filter:
type: redirect
permissions: ['email','user_friends','public_profile']
So, I'm using Symfony 2.6 (Yes, it's old, but I'm not allowed to upgrade) for a project. Currently, I got a small issue:
If the user goes to
www.url.com/product/G
this should be allowed and he is not required to login. However, if the goes to
www.url.com/product/GProduct
He is required to login. However, I'm unable to figure out what to do in order to tell Symfony to do exactly that.
The line in my security.yml is as the following:
access_control:
- { path: /product/[^A-Z]$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
This RegEx should only match one character. However, it doesn't do what it should. I can still access /product/GProduct without being asked to login.
How can I achieve this? And can I achieve that at all?
With :
access_control:
- { path: ^/product/[A-Z]$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
You can match only an url with a single uppercase character.
But if you want to secure /product/GProduct, you have to add an other line :
access_control:
- { path: ^/product/GProduct, roles: IS_AUTHENTICATED }
- { path: ^/product/[A-Z]$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
With static ^/product/GProduct or with Regex.
I'm trying to set up multiple domain tracking with GA, with the end result being that we are able to see traffic to siteB as containing the initial referrer to siteA.
Site A's code:
_gaq.push(["_setAccount", "UA-XXX-X"]);
_gaq.push(["_setDomainName", "sitea.com"]);
_gaq.push(["_setAllowLinker", true]);
_gaq.push(["_trackPageview"]);
With a link:
Link to site b
Site B's code:
_gaq.push(['_setAccount', 'UA-XXX-X']);
_gaq.push(['_setAllowLinker', true]);
_gaq.push(['_addIgnoredRef', 'sitea.com']);
_gaq.push(['_trackPageview']);
Expected behavior: we want to see referrals in the tracking to siteb linked from the link on sitea as the original referrer to sitea:
referrer to sitea -> link -> siteb
in analytics as:
referrer to sitea -> siteb
Actual behavior: we're seeing traffic on siteb as containing sitea as the referrer. Additionally, we're seeing the _utma with the cookie added to the siteb url when you click on the link on sitea, but the _utma cookies being created on siteb contain different values.
I've read various articles about setDomainName to 'none', removing it all together, but nothing seems to be working as expected.
Thanks for any help
UPDATE: Additional info via the ga debugger:
Coming into sitea from external:
_gaq.push processing "_setDomainName" for args: "[sitea.com]": dc_debug.js:24
_gaq.push processing "_setAllowLinker" for args: "[true]": dc_debug.js:24
_gaq.push processing "_trackPageview" for args: "[]":
Referring URL : http://www.external.com/
Hit ID : 1460027114
Visitor ID : 1908962602
Click through from sitea to siteb:
_gaq.push processing "_setAllowLinker" for args: "[true]": ga_debug.js:24
_gaq.push processing "_addIgnoredRef" for args: "[sitea.com]": ga_debug.js:24
_gaq.push processing "_trackPageview" for args: "[]":
Referring URL : http://www.sitea.com/
Hit ID : 73647255
Visitor ID : 1908962602
So the visitor ID is staying consistent, but the referring URL tracked on siteb is not the referrer from sitea.
Also unclear if it's relevant, but we're using the DoubleClick integration on sitea (dc.js) and Classic GA on siteb (ga.js).
Thx!
I believe the issue is with setting the cookie domain (again) in tag, could you try removing it?
I suggest to keep it ONLY with all other commands in tracker definition block?
Also, add domain definition to SiteB:
_gaq.push(["_setDomainName", "siteb.com"]);
Ignoring referral shouldn't be an issue as you pass UTM parameters that will override that information anyway.
Check out how to set up Views (formerly Profiles) in GA correctly and according to documentation.
Hope this helps.