id: ntfy-web-exposure

info:
  name: NTFY Web - Exposure
  author: DhiyaneshDk
  severity: medium
  description: |
    Publicly exposed NTFY web interface allowing unauthorized publish or subscribe access.
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"ntfy.sh"
  tags: exposure,ntfy,web,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/settings"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>ntfy web</title>"

      - type: status
        status:
          - 200
# digest: 490a0046304402205d79584619f46074e8b17826e8e6c08d630cea3bd775711f1058af9375b5f31f022043b3ae474cbc1d872de4f0c2f63555b16f088d8705526e4744591d52749d77dc:922c64590222798bb761d5b6d8e72950