id: wadl-api

info:
  name: WADL API File Disclosure - Detect
  author: 0xrudra,manuelbua
  severity: info
  description: WADL API login panel was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  reference:
    - https://github.com/dwisiswant0/wadl-dumper
    - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/
  tags: exposure,api

requests:
  - method: GET
    path:
      - "{{BaseURL}}/application.wadl"
      - "{{BaseURL}}/application.wadl?detail=true"
      - "{{BaseURL}}/api/application.wadl"
      - "{{BaseURL}}/api/v1/application.wadl"
      - "{{BaseURL}}/api/v2/application.wadl"

    stop-at-first-match: true
    matchers:
      - name: http-get
        type: word
        words:
          - "This is simplified WADL with user and core resources only"
          - "http://jersey.java.net"
          - "http://wadl.dev.java.net/2009/02"

  - method: OPTIONS
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/api/v1"
      - "{{BaseURL}}/api/v2"

    stop-at-first-match: true
    matchers:
      - name: http-options
        type: word
        words:
          - "This is simplified WADL with user and core resources only"
          - "http://jersey.java.net"
          - "http://wadl.dev.java.net/2009/02"

# Enhanced by mp on 2023/02/05