nuclei-templates/misconfiguration/wamp-server-configuration.yaml

id: wamp-server-configuration

info:
  name: default-wamp-server-page
  author: pussycat0x
  severity: medium
  description: Wamp default page will expose sensitive configuration and vhosts.
  reference: https://www.exploit-db.com/ghdb/6891.
  tags: wamp,exposure

requests:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'contains(tolower(body), "wampserver")'

      - type: status
        status:
          - 200
matcher update 2021-07-12 20:12:15 +00:00			`id: wamp-server-configuration`

Add files via upload 2021-07-11 18:14:02 +00:00			`info:`
			`name: default-wamp-server-page`
			`author: pussycat0x`
			`severity: medium`
			`description: Wamp default page will expose sensitive configuration and vhosts.`
			`reference: https://www.exploit-db.com/ghdb/6891.`
Update wamp-server-configuration.yaml 2021-07-22 12:24:19 +00:00			`tags: wamp,exposure`
matcher update 2021-07-12 20:12:15 +00:00
Add files via upload 2021-07-11 18:14:02 +00:00			`requests:`
			`- method: GET`
			`path:`
matcher update 2021-07-12 20:12:15 +00:00			`- "{{BaseURL}}"`

Add files via upload 2021-07-11 18:14:02 +00:00			`matchers-condition: and`
			`matchers:`
matcher update 2021-07-12 20:12:15 +00:00			`- type: dsl`
			`dsl:`
			`- 'contains(tolower(body), "wampserver")'`

Add files via upload 2021-07-11 18:14:02 +00:00			`- type: status`
			`status:`
Update wamp-server-detect.yaml 2021-07-11 18:17:07 +00:00			`- 200`