id: jkstatus-manager

info:
  name: JK Status Manager - Detect
  author: pdteam,DhiyaneshDk
  severity: low
  reference:
    - https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JKStatus.java
  metadata:
    verified: "true"
    shodan-query: html:"JK Status Manager"
  tags: config,jk,status

requests:
  - method: GET
    headers:
      X-Forwarded-For: "127.0.0.1"

    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/status"
      - "{{BaseURL}}/jkstatus"
      - "{{BaseURL}}/jkstatus-auth"
      - "{{BaseURL}}/jk-status"
      - "{{BaseURL}}/jkmanager"
      - "{{BaseURL}}/jkmanager-auth"
      - "{{BaseURL}}/jdkstatus"

    stop-at-first-match: true
    matchers:
      - type: word
        words:
          - "JK Status Manager"