id: snoop-servlet

info:
  name: Snoop Servlet - Information Disclosure
  author: omranisecurity
  severity: low
  description: |
    The Snoop Servlet returns information about the HTTP request itself and sometimes. It could help an attacker to prepare more advanced attacks.
  reference:
    - https://www.acunetix.com/vulnerabilities/\web/snoop-servlet-information-disclosure/
  metadata:
    max-request: 1
    shodan-query: title:"Snoop Servlet"
    fofa-query: title="Snoop Servlet"
  tags: config,exposure,snoop,snoop-servlet

http:
  - method: GET
    path:
      - "{{BaseURL}}/snoop"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(body, "Snoop Servlet - Request/Client Information")'
        condition: and
# digest: 490a0046304402201d22b71ab60cd5edf7fcb784c6c19b5aad78d949a207e5a40f4ad552cc3861d902204d6e63431f802264560a7272f21f7ca24f59ce64c402c5b2142fbcee1e456b97:922c64590222798bb761d5b6d8e72950