Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FALSE-NEGATIVE] Report Google Client ID from headers #11443

Closed
davidfegyver opened this issue Jan 5, 2025 · 2 comments · Fixed by #11470
Closed

[FALSE-NEGATIVE] Report Google Client ID from headers #11443

davidfegyver opened this issue Jan 5, 2025 · 2 comments · Fixed by #11470
Assignees
@princechaddha
Labels
Done Ready to merge false-negative Nuclei template missing valid results

Comments

@davidfegyver
Copy link
Contributor

davidfegyver commented Jan 5, 2025
edited
Loading

Template IDs or paths

- http/exposures/tokens/google/google-client-id.yaml

Steps To Reproduce

Hi! Is there any reason not to check for Google Client ID-s in the HTTP headers? Some services, like Google IAP specifically has this string only in the response Location header, when it redirects for authentication. I would suggest the line part: body to be changed to part: all.

Thanks!
@davidfegyver

Relevant dumped responses

Image
@davidfegyver davidfegyver added the false-negative Nuclei template missing valid results label Jan 5, 2025
@princechaddha princechaddha linked a pull request Jan 10, 2025 that will close this issue
Update google-client-id.yaml #11470
Merged
2 tasks
@princechaddha
Copy link
Member

Hi @davidfegyver, Thank you for taking the time to create this issue and for contributing to this project. I have fixed the template in #11470

@princechaddha princechaddha added the Done Ready to merge label Jan 10, 2025
@davidfegyver
Copy link
Contributor Author

Hi, thanks for the fix :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@princechaddha princechaddha

Labels
Done Ready to merge false-negative Nuclei template missing valid results
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update google-client-id.yaml projectdiscovery/nuclei-templates
2 participants
@princechaddha @davidfegyver