Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The ArcGIS REST Services Directory - Detect module is a test case designed to detect the presence of the "/arcgis/rest/services" path on an ArcGIS server. It focuses on the ArcGIS REST Services Directory and the ArcGIS software.
This module is used to identify misconfigurations or vulnerabilities related to the ArcGIS REST Services Directory. It is an informative module that provides insights into potential security issues.
The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat.
The impact of this module is primarily informational. It helps identify potential misconfigurations or vulnerabilities in the ArcGIS REST Services Directory, allowing administrators to take appropriate actions to secure their systems.
The ArcGIS REST Services Directory - Detect module works by sending a GET request to the "/arcgis/rest/services" path on the target ArcGIS server. It then applies matching conditions to determine if the request was successful (status code 200) and if the response contains specific keywords, such as "REST Services Directory" and "ArcGIS".
By analyzing the response and matching conditions, the module can identify if the ArcGIS REST Services Directory is accessible and potentially detect any misconfigurations or vulnerabilities associated with it.
Here is an example of the HTTP request sent by the module:
GET /arcgis/rest/services
The matching conditions used by this module are:
- The response must have a status code of 200. - The response must contain the keywords "REST Services Directory" and "ArcGIS".If both conditions are met, the module considers the test case successful and reports the presence of the ArcGIS REST Services Directory.