Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Detect Telerik Web UI Dialog Handler

By kannthu

Informative
Vidoc logoVidoc Module
#tech#telerik#asp
Description

What is the "Detect Telerik Web UI Dialog Handler?" module?

The "Detect Telerik Web UI Dialog Handler" module is designed to detect the presence of the Telerik Web UI Dialog Handler software. Telerik Web UI Dialog Handler is a component used in web applications developed with Telerik UI framework. This module focuses on identifying any misconfigurations or vulnerabilities related to the Telerik Web UI Dialog Handler.

This module has an informative severity level, which means it provides valuable information about the presence of the Telerik Web UI Dialog Handler but does not directly indicate a security risk.

Impact

The impact of the "Detect Telerik Web UI Dialog Handler" module is primarily informational. It helps users identify if the Telerik Web UI Dialog Handler is present in their web applications and provides insights into any potential misconfigurations or vulnerabilities associated with it. By detecting the presence of this software, users can take appropriate actions to ensure the security and proper configuration of their web applications.

How the module works?

The "Detect Telerik Web UI Dialog Handler" module works by sending HTTP GET requests to various paths commonly associated with the Telerik Web UI Dialog Handler. It then applies matching conditions to determine if the software is present and if any specific vulnerabilities or misconfigurations are detected.

For example, one of the paths that the module checks is "/Telerik.Web.UI.DialogHandler.aspx?dp=1". If the response status is 200 and the response body contains the phrase "Invalid length for a Base-64 char array", the module considers it a match.

The module uses a combination of status code and keyword matching conditions to identify the presence of the Telerik Web UI Dialog Handler and any associated vulnerabilities or misconfigurations. These matching conditions ensure accurate detection and provide users with actionable information.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/Telerik.Web.UI.Dial.../desktopmodules/tele.../desktopmodules/dnnw...(+14 paths)
Matching conditions
status: 200and
word: Invalid length for a Base-64 char array
Passive global matcher
No matching conditions.
On match action
Report vulnerability