Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Caucho Resin Information Disclosure

By kannthu

High
Vidoc logoVidoc Module
#resin#caucho#lfr
Description

What is the "Caucho Resin Information Disclosure?"

The "Caucho Resin Information Disclosure" module is designed to detect a specific vulnerability in the Caucho Resin software. This vulnerability can lead to the disclosure of sensitive information. The severity of this vulnerability is classified as high. The module was authored by princechaddha.

Impact

If exploited, the "Caucho Resin Information Disclosure" vulnerability can result in the exposure of sensitive information. This can potentially lead to unauthorized access, data breaches, and other security risks.

How the module works?

The module works by sending an HTTP request to the target server and analyzing the response. It specifically looks for a certain path ("/%20../web-inf/") and checks if the response status is 200 (OK) and if the response body contains specific words ("/ ../web-inf/" and "Directory of /"). If these conditions are met, the module identifies the presence of the vulnerability.

Here is an example of the HTTP request sent by the module:

GET /%20../web-inf/

The module uses the following matching conditions:

- Status: 200 (OK) - Response body contains: "/ ../web-inf/" and "Directory of /"

When these matching conditions are satisfied, the module reports the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/%20../web-inf/
Matching conditions
status: 200and
word: / ../web-inf/, Directory of /
Passive global matcher
No matching conditions.
On match action
Report vulnerability