id: spidercontrol-scada-server-info

info:
  name: SpiderControl SCADA Web Server - Sensitive Information Exposure
  author: geeknik
  severity: high
  description: SpiderControl SCADA Web Server is vulnerable to sensitive information exposure. Numerous, market-leading OEM manufacturers - from a wide variety of industries - rely on SpiderControl.
  reference:
    - https://spidercontrol.net/spidercontrol-inside/
  metadata:
    max-request: 1
  tags: spidercontrol,scada,exposure,misconfig

http:
  - method: GET
    path:
      - '{{BaseURL}}/cgi-bin/GetSrvInfo.exe'

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "powered by SpiderControl"
          - "LSWEBSERVER"
          - "SCWEBSERVICES"
        condition: and

    extractors:
      - type: kval
        part: header
        kval:
          - Server

# digest: 4a0a0047304502206a7d84ca03133ba9da484f3891abf557beb9f9c3eeabd7c75fc5d9b21a570e81022100e4bbe768029fd8cb5657ef870d9c71451716eb94f2048de976bef952b15d96f1:922c64590222798bb761d5b6d8e72950