From bec548847e6ce879e94cefb0c06bd75087663d61 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Wed, 13 Dec 2023 01:50:01 +0530
Subject: [PATCH] Added woodwing templates

---
 http/exposed-panels/woodwing-panel.yaml     | 26 +++++++++++++++
 http/misconfiguration/woodwing-git.yaml     | 35 +++++++++++++++++++++
 http/misconfiguration/woodwing-phpinfo.yaml | 30 ++++++++++++++++++
 3 files changed, 91 insertions(+)
 create mode 100644 http/exposed-panels/woodwing-panel.yaml
 create mode 100644 http/misconfiguration/woodwing-git.yaml
 create mode 100644 http/misconfiguration/woodwing-phpinfo.yaml

diff --git a/http/exposed-panels/woodwing-panel.yaml b/http/exposed-panels/woodwing-panel.yaml
new file mode 100644
index 0000000000..0594e24431
--- /dev/null
+++ b/http/exposed-panels/woodwing-panel.yaml
@@ -0,0 +1,26 @@
+id: woodwing-panel
+
+info:
+  name: Woodwing Studio Server - Panel
+  author: pdteam
+  severity: info
+  reference:
+    - https://twitter.com/ynsmroztas/status/1680961398011047936
+  metadata:
+    shodan-query: http.title:"WoodWing Studio Server"
+    fofa-query: title=="WoodWing Studio Server"
+  tags: woodwing,panel
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/StudioServer/server/apps/login.php"
+      - "{{BaseURL}}/server/apps/login.php"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: dsl
+        dsl:
+          - "contains(tolower(body), 'woodwing studio server')"
\ No newline at end of file
diff --git a/http/misconfiguration/woodwing-git.yaml b/http/misconfiguration/woodwing-git.yaml
new file mode 100644
index 0000000000..766070af96
--- /dev/null
+++ b/http/misconfiguration/woodwing-git.yaml
@@ -0,0 +1,35 @@
+id: woodwing-git
+
+info:
+  name: Woodwing Studio Server - Git Config
+  author: pdteam
+  severity: medium
+  reference:
+    - https://twitter.com/ynsmroztas/status/1680961398011047936
+  metadata:
+    shodan-query: http.title:"WoodWing Studio Server"
+    fofa-query: title=="WoodWing Studio Server"
+  tags: woodwing,git,config
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Server/.git/config"
+      - "{{BaseURL}}/StudioServer/.git/config"
+
+    stop-at-first-match: true
+    matchers:
+      - type: dsl
+        dsl:
+          - "!contains_all(tolower(body), '<html', '<body')"
+          - "contains_all(tolower(body), '[credentials]', '[core]')"
+          - "status_code == 200"
+        condition: and
+
+    extractors:
+      - type: regex
+        group: 1
+        regex:
+          - "url ?= ?https?://(.*:.*)@"
+          - "AUTHORIZATION: basic (.*)"
+          - "pass = (.*)"
\ No newline at end of file
diff --git a/http/misconfiguration/woodwing-phpinfo.yaml b/http/misconfiguration/woodwing-phpinfo.yaml
new file mode 100644
index 0000000000..1af346c1f9
--- /dev/null
+++ b/http/misconfiguration/woodwing-phpinfo.yaml
@@ -0,0 +1,30 @@
+id: woodwing-phpinfo
+
+info:
+  name: Woodwing Studio Server - Phpinfo Config
+  author: pdteam
+  severity: medium
+  reference:
+    - https://twitter.com/ynsmroztas/status/1680961398011047936
+  metadata:
+    shodan-query: http.title:"WoodWing Studio Server"
+    fofa-query: title=="WoodWing Studio Server"
+  tags: woodwing,phpinfo
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/StudioServer/server/wwtest/phpinfo.php"
+      - "{{BaseURL}}/server/wwtest/phpinfo.php"
+
+    stop-at-first-match: true
+    redirects: true
+    max-redirects: 2
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(tolower(body), 'woodwing')
+          - contains(tolower(body), 'php extension')
+          - contains(tolower(body), 'php version')
+          - status_code == 200
+        condition: and
\ No newline at end of file