Detect directory listing enabled

What is "Detect directory listing enabled?"

"Detect directory listing enabled" is a module designed to identify misconfigurations in web servers that result in the display of directory contents instead of a designated webpage. This misconfiguration can potentially expose sensitive information or allow unauthorized access to server resources. The severity of this vulnerability is classified as medium.

Impact

A directory listing misconfiguration can have significant consequences for the security of a web server. It may expose sensitive files and directories, allowing attackers to gain unauthorized access to resources. Additionally, it can provide valuable information to potential attackers, such as the server's directory structure and the presence of specific files or directories.

How the module works?

The "Detect directory listing enabled" module operates by sending HTTP requests to the target web server and analyzing the responses for specific patterns. It checks for the presence of phrases like "Directory listing for," "Index of /," "[To Parent Directory]," "Directory: /," and "" in the response body. If any of these patterns are found, it indicates that the web server is misconfigured and displaying directory listings.

The module also includes negative matchers to exclude false positives. It checks for the absence of the phrase "https://github.com/rgrp/s3-bucket-listing" and the absence of certain words like "getInfoFromS3Data," "createS3QueryUrl," "getS3Data," and "BUCKET_WEBSITE_URL" in the response body.

By combining these matching conditions, the module accurately detects whether directory listing is enabled on the target web server.