fix-template

misconfiguration/webdav-enabled.yaml

@@ -0,0 +1,38 @@
+id: webdav-enabled
+
+info:
+  name: WebDAV Enabled
+  author: tess
+  severity: info
+  description: |
+    WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on your web server.
+  remediation: |
+    If you are not using this extension, it's recommended to be disabled.
+  reference:
+    - https://www.acunetix.com/vulnerabilities/web/webdav-enabled/
+  metadata:
+    verified: "true"
+    shodan-query: Ms-Author-Via: DAV
+  tags: webdav,misconfig,exposure
+
+requests:
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        OPTIONS / HTTP/1.1
+        Host: {{Hostname}}
+
+      - |
+        OPTIONS / HTTP/1.1
+        Host: {{Hostname}}
+        Authorization: Basic YW5vbnltb3VzOmFub255bW91cw==
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: header
+        words:
+          - "Ms-Author-Via: DAV"

misconfiguration/webdav-exposed.yaml

@@ -1,24 +0,0 @@
-id: webdav-exposed
-
-info:
-  name: Web Dav Exposed
-  author: tess
-  description: WebDAV is an extension to the HTTP protocol. It allows authorized users to remotely add and change content on the web server.
-  severity: info
-  tags: webdav,misconfig,exposure
-
-requests:
-  - raw:
-      - |
-        OPTIONS / HTTP/1.1
-        Host: {{Hostname}}
-        Authorization: Basic YW5vbnltb3VzOmFub255bW91cw==
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
-        Accept-Encoding: gzip,deflate,br
-        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
-
-    matchers:
-      - type: word
-        part: header
-        words:
-          - "Ms-Author-Via: DAV"