sif/modules/recon/infinity-embedding-api-exposure.yaml
Tigah 24bcab0a8f feat(modules): detect exposed openai-compatible llm servers (#233)
add recon modules for unauthenticated inference servers that expose an openai-style /v1/models inventory without a key: vllm, llama.cpp, lm studio, and infinity.
2026-07-02 17:00:35 -07:00

46 lines
992 B
YAML

# Infinity Embedding Server API Exposure Detection Module
id: infinity-embedding-api-exposure
info:
  name: Infinity Embedding Server API Exposure
  author: sif
  severity: medium
  description: Detects an exposed Infinity embedding and reranking server reachable without authentication; its model list leaks the served models and the server accepts embedding requests without a key
  tags: [infinity, embeddings, llm, ai, inference, api, exposure, recon]
type: http
http:
  method: GET
  paths:
    - "{{BaseURL}}/models"
    - "{{BaseURL}}/v1/models"
  matchers:
    - type: status
      status:
        - 200
    - type: word
      part: body
      words:
        - "\"backend\""
    - type: word
      part: body
      words:
        - "\"capabilities\""
    - type: regex
      part: body
      regex:
        - '"owned_by"\s*:\s*"infinity"'
  extractors:
    - type: regex
      name: infinity_model
      part: body
      regex:
        - '"id"\s*:\s*"([^"]+)"'
      group: 1
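
The matcher and extractor logic above, replayed offline in Go against constructed responses. This is an added example, not code from the sif repository. It assumes all four matchers must pass together (the module sets no explicit condition) and that every extractor match is collected; the `Evaluate` helper and the sample bodies are hypothetical.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Patterns copied verbatim from the module's regex matcher and extractor.
var (
	ownedBy = regexp.MustCompile(`"owned_by"\s*:\s*"infinity"`)
	modelID = regexp.MustCompile(`"id"\s*:\s*"([^"]+)"`)
)

// Constructed sample bodies, not captured from a real server.
const infinityBody = `{"object":"list","data":[{"id":"example-org/example-embedder","object":"model","owned_by":"infinity","backend":"torch","capabilities":["embed"]}]}`
const otherBody = `{"object":"list","data":[{"id":"example-org/example-chat","owned_by":"example-vendor","backend":"x","capabilities":[]}]}`

// Evaluate applies the status, word and regex matchers, then the extractor.
// Assumption: matchers are ANDed, and all extractor matches are returned.
func Evaluate(status int, body string) (bool, []string) {
	hit := status == 200 &&
		strings.Contains(body, `"backend"`) &&
		strings.Contains(body, `"capabilities"`) &&
		ownedBy.MatchString(body)
	if !hit {
		return false, nil
	}
	var ids []string
	for _, m := range modelID.FindAllStringSubmatch(body, -1) {
		ids = append(ids, m[1]) // capture group 1, as in the extractor
	}
	return true, ids
}

func main() {
	cases := []struct {
		name   string
		status int
		body   string
	}{
		{"infinity, no auth", 200, infinityBody},
		{"infinity, key enforced", 401, `{"detail":"unauthorized"}`},
		{"other server, same fields", 200, otherBody},
	}
	for _, c := range cases {
		hit, ids := Evaluate(c.status, c.body)
		fmt.Printf("%-28s match=%v models=%v\n", c.name, hit, ids)
	}
}
```

The third case shows that the `owned_by` regex is what pins the finding to Infinity: a response carrying `backend` and `capabilities` from another server does not match.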