id: tomcat-scripts

info:
  name: Apache Tomcat Example Scripts - Detect
  author: Co0nan,Higor Melgaço
  severity: info
  description: Multiple Apache Tomcat example scripts were detected.
  reference:
    - https://www.acunetix.com/vulnerabilities/web/apache-tomcat-examples-directory-vulnerabilities/
    - https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    max-request: 8
  tags: apache,tomcat,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/examples/servlets/index.html"
      - "{{BaseURL}}/examples/jsp/index.html"
      - "{{BaseURL}}/examples/websocket/index.xhtml"
      - "{{BaseURL}}/examples/servlets/servlet/SessionExample"
      - "{{BaseURL}}/..;/examples/servlets/index.html"
      - "{{BaseURL}}/..;/examples/jsp/index.html"
      - "{{BaseURL}}/..;/examples/websocket/index.xhtml"
      - "{{BaseURL}}/..;/examples/servlets/servlet/SessionExample"

    matchers:
      - type: word
        words:
          - "JSP Examples"
          - "JSP Samples"
          - "Servlets Examples"
          - "WebSocket Examples"
          - "GET based form"
        condition: or