id: gitlab-public-registration

info:
  name: GitLab public registration of new user - Detect
  author: axrk
  severity: info
  metadata:
    max-request: 1
    shodan-query: http.title:"GitLab"
  tags: gitlab,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/users/sign_up"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<span class="gl-button-text">Register</span>'
          - 'data-qa-selector="new_user_register_button"'
        condition: or

      - type: word
        words:
          - 'https://about.gitlab.com'

      - type: status
        status:
          - 200

      - type: word
        negative: true
        words:
          - '<meta content="GitLab.com" property="og:description">'

# digest: 490a0046304402204827554d0c5e27a1b7b6a44996c4c0d926d1aa115589544880385745b77c6e5b02201da92f300b8fd99cedf9704418984afcb842b71c0e22e7f9f03f755699b7b8aa:922c64590222798bb761d5b6d8e72950