fixed-template

added dork and additional endpoint

misconfiguration/webalizer-statistics.yaml

@@ -0,0 +1,36 @@
+id: webalizer-statistics
+
+info:
+  name: Webalizer Statistics Information Disclosure
+  author: 0x_Akoko
+  severity: low
+  description: |
+    The remote host is running the Webalizer Report generator. Webalizer parses web logs and gives a potential attacker information regarding hosts that have accessed the server, resources accessed, total statistics for the Web server, version of Web server, and more.
+  remediation: Use ACLs to protect the Webalizer report.
+  reference:
+    - https://www.rapid7.com/db/vulnerabilities/spider-webalizer-stats-disclosure
+    - https://www.tenable.com/plugins/nnm/2506
+  metadata:
+    verified: "true"
+    shodan-query: html:"Generated by The Webalizer"
+  tags: webalizer,logs,statistics
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/stats/index.html'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'Generated by The Webalizer'
+          - 'Usage Statistics'
+        condition: and
+
+      - type: status
+        status:
+          - 200

webalizer-script-logs.yaml

@@ -1,26 +0,0 @@
-id: webalizer-script-logs
-
-info:
-  name: Webalizer Script Logs
-  author: 0x_Akoko
-  severity: low
-  reference: https://www.rapid7.com/db/vulnerabilities/spider-webalizer-stats-disclosure
-  tags: webalizer,logs
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/stats/index.html'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - 'Generated by The Webalizer'
-          - '<!--  Give the power back to the programmers  -->'
-        condition: and
-
-      - type: status
-        status:
-          - 200