id: server-status-localhost

info:
  name: Server Status Disclosure
  author: pdteam,geeknik
  severity: low
  description: Apache Server Status page is exposed, which may contain information about pages visited by the users, their IPs or sensitive information such as session tokens.
  metadata:
    max-request: 1
  tags: apache,debug,misconfig

http:
  - method: GET

    headers:
      Forwarded: "127.0.0.1"
      X-Client-IP: "127.0.0.1"
      X-Forwarded-By: "127.0.0.1"
      X-Forwarded-For: "127.0.0.1"
      X-Forwarded-For-IP: "127.0.0.1"
      X-Forwarded-Host: "127.0.0.1"
      X-Host: "127.0.0.1"
      X-Originating-IP: "127.0.0.1"
      X-Remote-Addr: "127.0.0.1"
      X-Remote-IP: "127.0.0.1"
      X-True-IP: "127.0.0.1"
    path:
      - "{{BaseURL}}/server-status"

    matchers:
      - type: word
        words:
          - "Apache Server Status"
          - "Server Version"
        condition: and
# digest: 4a0a00473045022100978e79f5293059d77d7f12996faeb5e7327979bbdc03480dfaa632ce3692895002201fd20b313ef4e49782dca03918a3d53e057bdec80e366451c875c462b9992e8d:922c64590222798bb761d5b6d8e72950