Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Adobe Connect Username Exposure

By kannthu

Low
Vidoc logoVidoc Module
#adobe#disclosure#packetstorm
Description

What is the "Adobe Connect Username Exposure?"

The "Adobe Connect Username Exposure" module is designed to detect a specific vulnerability in Adobe Connect 10. It focuses on identifying instances where the usernames of administrators and support administrators are exposed. This vulnerability has a low severity level.

This module was authored by dhiyaneshDk.

Impact

If the vulnerability is present, it can potentially lead to the disclosure of sensitive information. Exposing the usernames of administrators and support administrators can aid attackers in their attempts to gain unauthorized access to the Adobe Connect system.

How the module works?

The module works by sending an HTTP GET request to the "/system/help/support" path of the target Adobe Connect system. It then applies matching conditions to determine if the vulnerability is present.

The matching conditions for this module are:

- The response body must contain the following words: "Administrators name:" and "Support Administrators email address:" - The response status code must be 200

If both conditions are met, the module flags the vulnerability as detected.

Here is an example of the HTTP request sent by the module:

GET /system/help/support

The module then analyzes the response to check for the presence of the specified words and the expected status code.

For more information, you can refer to the reference provided.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/system/help/support
Matching conditions
word: Administrators name:, Support Administra...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability