AWStats Listing

By kannthu

Low

Vidoc Module

#misconfig#aws#exposure#amazon#awstats

Description

What is the "AWStats Listing" module?

The "AWStats Listing" module is designed to detect exposed AWStats internal information. AWStats is a popular open-source web analytics tool used to analyze web server log files. This module focuses on identifying misconfigurations or vulnerabilities related to AWStats.

Severity: Low

Author: tess

Impact

If the AWStats Listing module detects an exposed AWStats installation, it could potentially expose sensitive information about the web server and its usage. This information could be leveraged by attackers to gain insights into the server's configuration and potentially exploit any vulnerabilities.

How does the module work?

The AWStats Listing module works by sending a GET request to the "/awstats/data" path on the target server. It then applies two matching conditions to determine if the AWStats installation is exposed:

- The module checks if the response body contains the string "Index of /awstats/data/" and "\">awstats". This indicates that the AWStats data directory is accessible and potentially exposed. - The module also verifies that the response status code is 200, indicating a successful request.

If both conditions are met, the module reports a potential vulnerability or misconfiguration related to the exposed AWStats installation.

Example HTTP request:

GET /awstats/data

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET/awstats/data

Matching conditions

word: Index of /awstats/data/, ">awstatsand

status: 200

Passive global matcher

No matching conditions.

On match action

Report vulnerability