hacktricks/network-services-pentesting/pentesting-web/jira.md
carlospolop f0e09e3f54 social
2023-03-06 00:16:20 +01:00

3.7 KiB

HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch Wed - 18.30(UTC) 🎙️ - 🎥 Youtube 🎥

Check Privileges

Inside a Jira instance any user (even non-authenticated) can check its privileges in /rest/api/2/mypermissions or /rest/api/3/mypermissions . These endpoints will return your current privileges.
If a non-authenticated user have any privilege, this is a vulnerability (bounty?).
If an authenticated user have any unexpected privilege, this a a vuln.

#Check non-authenticated privileges
curl https://jira.some.example.com/rest/api/2/mypermissions | jq | grep -iB6 '"havePermission": true'

Automated enumeration

HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch Wed - 18.30(UTC) 🎙️ - 🎥 Youtube 🎥