Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

AVTECH DVR - SSRF

By kannthu

Medium
Vidoc logoVidoc Module
#ssrf#avtech#unauth#iot
Description

What is "AVTECH DVR - SSRF"?

The "AVTECH DVR - SSRF" module is designed to detect SSRF (Server-Side Request Forgery) vulnerabilities in AVTECH DVR devices. SSRF is a type of vulnerability that allows an attacker to make requests from the vulnerable server to internal resources or external targets. This module specifically targets AVTECH DVR devices, which are commonly used for video surveillance. The severity of this vulnerability is classified as medium.

Impact

If successfully exploited, an SSRF vulnerability in AVTECH DVR devices can allow an attacker to bypass security measures and access sensitive information or resources. This can lead to unauthorized access, data leakage, or further compromise of the affected system.

How the module works?

The "AVTECH DVR - SSRF" module works by sending a GET request to the "/cgi-bin/nobody/Search.cgi?action=scan" endpoint on the target AVTECH DVR device. It then applies a series of matching conditions to determine if the SSRF vulnerability is present.

The matching conditions include:

- Checking the response body for the presence of specific keywords such as "Search.Device", "Proto=", and "IPAddress=" - Verifying that the response header contains the word "text/plain" - Ensuring that the HTTP response status code is 200

If all of these conditions are met, the module flags the AVTECH DVR device as vulnerable to SSRF.

It is important to note that this module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing for various vulnerabilities, misconfigurations, and software fingerprints.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/cgi-bin/nobody/Sear...
Matching conditions
word: Search.Device, Proto=, IPAddress=and
word: text/plainand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability