Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "ArcGIS Token Service - Detect" module is designed to check for the existence of the ArcGIS Token Service on an ArcGIS server. ArcGIS is a geographic information system (GIS) software that allows users to create, analyze, and share maps and spatial data. This module focuses on detecting misconfigurations related to the ArcGIS Token Service.
This module has an informative severity level, which means it provides valuable information but does not indicate a critical vulnerability or security issue.
Author: HeeresS
This module does not directly impact the system being scanned. Instead, it helps identify potential misconfigurations in the ArcGIS Token Service, which could lead to security vulnerabilities if left unaddressed.
The "ArcGIS Token Service - Detect" module sends an HTTP GET request to the "/arcgis/tokens/" path on the target server. It then applies two matching conditions to determine if the ArcGIS Token Service is present:
If both matching conditions are met, the module reports a successful detection of the ArcGIS Token Service.
Example HTTP request:
GET /arcgis/tokens/ HTTP/1.1
Host: [target server]
Note: The actual target server and other specific details will be provided by the Vidoc platform during scanning.
For more information about ArcGIS, you can visit the official website: https://enterprise.arcgis.com/en/
Metadata:
- max-request: 1 - verified: true - shodan-query: title:"ArcGIS"