Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "DokuWiki Install Exposure" module is designed to detect a specific misconfiguration in DokuWiki installations. DokuWiki is a popular open-source wiki software that allows users to create and manage content collaboratively. This module focuses on identifying instances where the DokuWiki installation exposes its installation page, which can potentially lead to unauthorized access or exploitation.
This module has a severity level of high, indicating the potential risk associated with the identified misconfiguration.
This module was authored by DhiyaneshDk.
If the DokuWiki installation page is exposed, it can provide valuable information to potential attackers. They may gain insights into the version of DokuWiki being used, which can help them identify known vulnerabilities or weaknesses. Additionally, the exposed installation page may allow unauthorized individuals to perform actions that could compromise the security and integrity of the DokuWiki installation.
The "DokuWiki Install Exposure" module works by sending an HTTP GET request to the "/install.php" path of the target DokuWiki installation. It then applies a set of matching conditions to determine if the installation page is exposed.
The matching conditions include:
- Body: The response body must contain the words "DokuWiki Installer" and "Superuser". - Header: The response header must contain the word "text/html". - Status: The response status code must be 200 (OK).If all the matching conditions are met, the module identifies the misconfiguration and reports it as a vulnerability.
Example HTTP request:
GET /install.php
Please note that the actual module definition is not shown here for simplicity.