nuclei-templates/http/misconfiguration/tomcat-scripts.yaml

id: tomcat-scripts

info:
  name: Apache Tomcat Example Scripts - Detect
  author: Co0nan,Higor Melgaço
  severity: info
  description: Multiple Apache Tomcat example scripts were detected.
  reference:
    - https://www.acunetix.com/vulnerabilities/web/apache-tomcat-examples-directory-vulnerabilities/
    - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    max-request: 8
  tags: apache,tomcat,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/examples/servlets/index.html"
      - "{{BaseURL}}/examples/jsp/index.html"
      - "{{BaseURL}}/examples/websocket/index.xhtml"
      - "{{BaseURL}}/examples/servlets/servlet/SessionExample"
      - "{{BaseURL}}/..;/examples/servlets/index.html"
      - "{{BaseURL}}/..;/examples/jsp/index.html"
      - "{{BaseURL}}/..;/examples/websocket/index.xhtml"
      - "{{BaseURL}}/..;/examples/servlets/servlet/SessionExample"

    matchers:
      - type: word
        words:
          - "JSP Examples"
          - "JSP Samples"
          - "Servlets Examples"
          - "WebSocket Examples"
          - "GET based form"
        condition: or

# digest: 4b0a00483046022100820ca52ed3e6e9b2c69b32cf2a4c4544f07c6e9cc35f3d1a90fac9d725fc5bfd022100ca7dc71bfa0a134de7edbc149af43af58466fd826c343913d4d4b32a9eb1f3dd:922c64590222798bb761d5b6d8e72950
added Tomcat Exposed Scripts detection 2020-06-20 10:32:29 +00:00			`id: tomcat-scripts`

			`info:`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 21:28:23 +00:00			`name: Apache Tomcat Example Scripts - Detect`
Path - updates 2023-04-21 11:54:57 +00:00			`author: Co0nan,Higor Melgaço`
severity updates 2020-09-20 12:57:43 +00:00			`severity: info`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 21:28:23 +00:00			`description: Multiple Apache Tomcat example scripts were detected.`
Path - updates 2023-04-21 11:54:57 +00:00			`reference:`
			`- https://www.acunetix.com/vulnerabilities/web/apache-tomcat-examples-directory-vulnerabilities/`
			`- https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks/`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 21:28:23 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
templateman update 2023-10-14 11:27:55 +00:00			`cvss-score: 0`
Enhancement: misconfiguration/tomcat-scripts.yaml by md 2023-02-06 21:28:23 +00:00			`cwe-id: CWE-200`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`metadata:`
			`max-request: 8`
templateman update 2023-10-14 11:27:55 +00:00			`tags: apache,tomcat,misconfig`
added Tomcat Exposed Scripts detection 2020-06-20 10:32:29 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
added Tomcat Exposed Scripts detection 2020-06-20 10:32:29 +00:00			`- method: GET`
			`path:`
			`- "{{BaseURL}}/examples/servlets/index.html"`
			`- "{{BaseURL}}/examples/jsp/index.html"`
Update tomcat-scripts.yaml Fix spaces 2020-08-19 04:37:24 +00:00			`- "{{BaseURL}}/examples/websocket/index.xhtml"`
Path - updates 2023-04-21 11:54:57 +00:00			`- "{{BaseURL}}/examples/servlets/servlet/SessionExample"`
Update tomcat-scripts.yaml Add websocket url and Orange-Tsai Path Normalization trick 2020-08-19 04:33:05 +00:00			`- "{{BaseURL}}/..;/examples/servlets/index.html"`
			`- "{{BaseURL}}/..;/examples/jsp/index.html"`
Update tomcat-scripts.yaml Fix spaces 2020-08-19 04:37:24 +00:00			`- "{{BaseURL}}/..;/examples/websocket/index.xhtml"`
Path - updates 2023-04-21 11:54:57 +00:00			`- "{{BaseURL}}/..;/examples/servlets/servlet/SessionExample"`
Apache Tomcat Template improvements (#3446) * Improved Tomcat matchers / extractors / paths * removed duplicate detections / matchers * removed duplicate template * Added missing tomcat tags 2021-12-29 13:40:59 +00:00
added Tomcat Exposed Scripts detection 2020-06-20 10:32:29 +00:00			`matchers:`
			`- type: word`
			`words:`
			`- "JSP Examples"`
			`- "JSP Samples"`
			`- "Servlets Examples"`
Update tomcat-scripts.yaml Add websocket url and Orange-Tsai Path Normalization trick 2020-08-19 04:33:05 +00:00			`- "WebSocket Examples"`
Path - updates 2023-04-21 11:54:57 +00:00			`- "GET based form"`
Apache Tomcat Template improvements (#3446) * Improved Tomcat matchers / extractors / paths * removed duplicate detections / matchers * removed duplicate template * Added missing tomcat tags 2021-12-29 13:40:59 +00:00			`condition: or`
TemplateMan Update [Fri Oct 20 11:41:12 UTC 2023] :robot: 2023-10-20 11:41:13 +00:00
			`# digest: 4b0a00483046022100820ca52ed3e6e9b2c69b32cf2a4c4544f07c6e9cc35f3d1a90fac9d725fc5bfd022100ca7dc71bfa0a134de7edbc149af43af58466fd826c343913d4d4b32a9eb1f3dd:922c64590222798bb761d5b6d8e72950`