mirror of
https://github.com/carlospolop/hacktricks
synced 2025-01-07 18:58:54 +00:00
17 lines
758 B
Markdown
17 lines
758 B
Markdown
# JIRA
|
|
|
|
### Check Privileges
|
|
|
|
Inside a Jira instance **any user** (even **non-authenticated**) can **check its privileges** in `/rest/api/2/mypermissions` or `/rest/api/3/mypermissions` . These endpoints will return your current privileges.\
|
|
If a **non-authenticated** user have any **privilege**, this is a **vulnerability** (bounty?).\
|
|
If an **authenticated** user have any **unexpected privilege**, this a a **vuln**.
|
|
|
|
```bash
|
|
#Check non-authenticated privileges
|
|
curl https://jira.some.example.com/rest/api/2/mypermissions | jq | grep -iB6 '"havePermission": true'
|
|
```
|
|
|
|
### Automated enumeration
|
|
|
|
* [https://github.com/0x48piraj/Jiraffe](https://github.com/0x48piraj/Jiraffe)
|
|
* [https://github.com/bcoles/jira\_scan](https://github.com/bcoles/jira\_scan)
|