id: webmodule-ee-panel

info:
  name: Webmodule Login Panel - Detect
  author: pussycat0x,daffainfo
  severity: info
  description: Webmodule login panel was detected.
  reference:
    - https://www.exploit-db.com/ghdb/7001
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-200
  metadata:
    max-request: 1
    shodan-query: title:"Webmodule"
    google-query: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
  tags: edb,panel,webmodule-ee,login

http:
  - method: GET
    path:
      - "{{BaseURL}}/webmodule-ee/login.seam"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<title>Webmodule</title>"

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - 'Version: ([0-9.]+)'
# digest: 490a00463044022046fc8b13b678c0103c12a849f9bdf25c9c5a03493fa727f56f38cccfb12643ce02203ddd3d6a3b4e7c180dc742675213183d536f872f32c024a4606a575a46e0a3db:922c64590222798bb761d5b6d8e72950