Simple Python3 Script to Enumerate Authentik Version
Authentik uses versioned script includes (see here).
This allows for unauthenticated version enumerations by file existence testing. Basically get all release versions from Github, then try to fetch each versioned JS file and display the result. If an exact versioned script was found (HTTP status 206 or 200), you have enumerated the exact Authentik version in use.
Tip
If the server supports byte-range requests (most do for static assets), it responds with 206 to indicate it returned only part of the file. That’s a good sign, as the file exists and you avoided downloading a 50 KB (or bigger) JS file just to check if it’s there.
python authentik-enum.py -h
usage: authentik-enum.py [-h] [--base-url BASE_URL] [--repo REPO] [--timeout TIMEOUT] [--sleep SLEEP] [--all] [--include-404] [--verbose]
Find (or enumerate) authentik AdminInterface-{version}.js and print HTTP status + MD5.
options:
-h, --help show this help message and exit
--base-url BASE_URL Base URL, e.g. https://sso.example.com (default: None)
--repo REPO GitHub repo to query for releases (default: goauthentik/authentik)
--timeout TIMEOUT Network timeout (seconds) (default: 30.0)
--sleep SLEEP Sleep between requests (seconds) (default: 0.0)
--all Do not stop at first hit; enumerate all versions (default: False)
--include-404 Print 404 rows (otherwise they are skipped) (default: False)
--verbose Print checked versions to STDERR (default: False)