63 行
1.5 KiB
YAML
63 行
1.5 KiB
YAML
profile_id: gitea-ssrf
|
|
system_id: gitea
|
|
match_rules:
|
|
keywords:
|
|
- ssrf
|
|
- request forgery
|
|
vuln_family: ssrf
|
|
provisioning_mode: real
|
|
verification_mode: real
|
|
artifact_mode: local-fixture
|
|
artifact_source:
|
|
strategy: local-minimal-fixture
|
|
runner_id: gitea.ssrf
|
|
fixture_path: /Users/x/websafe/00-environments/templates/fixtures/gitea/ssrf
|
|
required_services:
|
|
- app
|
|
seed_actions:
|
|
- kind: note
|
|
message: Seed local sink counters only.
|
|
baseline_actions:
|
|
- kind: http-get
|
|
path: /
|
|
attack_actions:
|
|
- kind: note
|
|
message: Runner triggers callback strictly to local sink endpoint.
|
|
browser_assertions:
|
|
required: false
|
|
success_criteria:
|
|
- Server-side callback reaches the local sink and is recorded in proof output.
|
|
success_assertions:
|
|
- name: baseline-ok
|
|
type: baseline-ok
|
|
- name: runner-success
|
|
type: runner-success
|
|
services:
|
|
app:
|
|
image: python:3.12-alpine
|
|
working_dir: /workspace
|
|
command:
|
|
- python
|
|
- /workspace/00-environments/templates/fixtures/shared/python_fixture.py
|
|
environment:
|
|
LAB_FIXTURE_SCENARIO: /workspace/00-environments/templates/fixtures/gitea/ssrf/scenario.json
|
|
PORT: "3000"
|
|
ports:
|
|
- 18105:3000
|
|
volumes:
|
|
- /Users/x/websafe:/workspace:ro
|
|
healthcheck:
|
|
test:
|
|
- CMD-SHELL
|
|
- wget -q -O - http://127.0.0.1:3000/healthz >/dev/null 2>&1 || exit 1
|
|
interval: 2s
|
|
timeout: 2s
|
|
retries: 20
|
|
baseline_urls:
|
|
- http://127.0.0.1:18105/
|
|
ready_timeout_seconds: 45
|
|
cleanup_policy: destroy
|
|
destructive_risk: low
|
|
allowed_target_types:
|
|
- lab-local
|