Apache JSPWiki - User IP Enumeration

ID: apache-jspwiki-ip-userenum

Severity: low

Author: icarot

Tags: jspwiki,apache,enumeration

Description

Enumerates the IP Address and users that is currently accessing an Apache JSPWiki web application, leading open source WikiWiki engine, feature-rich and built around standard JEE components (Java, servlets, JSP).

YAML Source

id: apache-jspwiki-ip-userenum

info:
  name: Apache JSPWiki - User IP Enumeration
  author: icarot
  severity: low
  description: |
    Enumerates the IP Address and users that is currently accessing an Apache JSPWiki web application, leading open source WikiWiki engine, feature-rich and built around standard JEE components (Java, servlets, JSP).
  classification:
    cpe: cpe:2.3:a:apache:jspwiki:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    verified: true
    vendor: apache
    product: jspwiki
  tags: jspwiki,apache,enumeration

http:
  - method: GET
    path:
      - "{{BaseURL}}/Wiki.jsp?page=SystemInfo"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<b>Active Wiki Users</b>'
          - 'Number of active sessions'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100bd09ebcc24615aa190c169ce223570155ec90a8a18a0005e3e1186860a51a23a022003ac2583ebdfba15712198bc085e89365db591843c57d187e58617d2209880c5:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/exposures/configs/apache-jspwiki-ip-userenum.yaml"

View on Github