Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

CGI Test page

By kannthu

Informative
Vidoc logoVidoc Module
#cgi
Description

What is the "CGI Test page?" module?

The "CGI Test page" module is a test case designed to detect misconfigurations or vulnerabilities in CGI (Common Gateway Interface) scripts. It targets a specific software or web application that utilizes CGI scripts. The severity of this module is informative.

Impact

The "CGI Test page" module helps identify potential security issues in CGI scripts, which can lead to unauthorized access, data leakage, or other vulnerabilities. By detecting misconfigurations or vulnerabilities, it allows website owners to take appropriate actions to secure their CGI scripts and prevent potential attacks.

How the module works?

The "CGI Test page" module works by sending a GET request to the "/cgi-bin/test/test.cgi" path. It includes specific matchers to check for the presence of certain headers, such as "HTTP_ACCEPT" and "HTTP_ACCEPT_ENCODING", and verifies that the response status is 200. If all the matchers are satisfied, the module reports a potential vulnerability or misconfiguration.

By analyzing the response and matching conditions, the module can identify potential security weaknesses in CGI scripts. It provides valuable insights for website administrators to address any identified issues and enhance the security of their CGI scripts.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/cgi-bin/test/test.c...
Matching conditions
word: HTTP_ACCEPT, HTTP_ACCEPT_ENCODINGand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability