Druid Monitor Unauthorized Access

By kannthu

High
Vidoc Module
#druid #unauth
Description

What is the "Druid Monitor Unauthorized Access" module?

The "Druid Monitor Unauthorized Access" module is a test case designed to detect unauthorized access vulnerabilities in the Druid monitoring software. It is a high-severity module that aims to identify potential security risks related to misconfigurations or vulnerabilities in the software.

This module was authored by ohlinge.

Impact

If the "Druid Monitor Unauthorized Access" module reports a match, the target Druid monitoring software may be accessible to unauthorized users. This could lead to unauthorized data access, manipulation, or other security breaches.

How does the module work?

The "Druid Monitor Unauthorized Access" module works by sending an HTTP GET request to the "/druid/index.html" path of the target Druid monitoring software. It then applies matching conditions to determine if unauthorized access is possible.

The matching conditions for this module are as follows:

- The response body must contain the phrase "Druid Stat Index</title>"
- The response status code must be 200

If both matching conditions are met, the module will report a vulnerability related to unauthorized access in the target Druid monitoring software.
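The check described above, written as a script an operator can run against their own deployment, for example to confirm the page no longer matches once access to it has been restricted. This is an added example, not Vidoc's module code; the function names, the local stand-in server and its three responses are constructed for illustration.

```python
import http.server
import threading
import urllib.error
import urllib.request

PATH = "/druid/index.html"           # path from the module's request template
MARKER = "Druid Stat Index</title>"  # word matcher from the module
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore env proxies

def matches(status: int, body: str) -> bool:
    """Both module conditions must hold: status 200 AND marker in the body."""
    return status == 200 and MARKER in body

def check(base_url: str, timeout: float = 5.0) -> bool:
    """GET the monitor path on a host you operate and apply the matcher."""
    try:
        with OPENER.open(base_url.rstrip("/") + PATH, timeout=timeout) as r:
            return matches(r.status, r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:   # 401/403/404 arrive as exceptions
        return matches(e.code, e.read().decode("utf-8", "replace"))
    except OSError:                       # host unreachable: nothing to report
        return False

def serve(status: int, body: str):
    """Constructed local stand-in that answers every GET with one response."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            self.send_response(status)
            self.send_header("Content-Length", str(len(body.encode())))
            self.end_headers()
            self.wfile.write(body.encode())
        def log_message(self, *args):     # silence per-request logging
            pass
    srv = http.server.HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_port}"

def demo() -> dict:
    """Run the check against three constructed responses."""
    cases = {"exposed": (200, "<title>Druid Stat Index</title>"),
             "login_page": (200, "<title>druid monitor login</title>"),
             "forbidden": (403, "<title>Druid Stat Index</title>")}
    results = {}
    for name, (status, body) in cases.items():
        srv, url = serve(status, body)
        results[name] = check(url)
        srv.shutdown()
        srv.server_close()
    return results
```

Only the first case matches: a 200 response that serves a login page lacks the title marker, and a 403 fails the status condition even when the marker is present.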

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /druid/index.html
Matching conditions
word: Druid Stat Index</title>
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability