Drupal User Enumeration [Redirect]

By kannthu

Informative
Vidoc Module
#drupal #misconfig
Description

What is the "Drupal User Enumeration [Redirect]" module?

The "Drupal User Enumeration [Redirect]" module is a test case designed to detect a misconfiguration in Drupal websites. It targets the Drupal software and aims to identify whether user accounts can be enumerated through redirect behaviour. The module has an informative severity level and was authored by 0w4ys.

Impact

This module helps identify if the Drupal website is vulnerable to user enumeration. User enumeration can provide attackers with valuable information about the website's user accounts, making it easier for them to launch targeted attacks such as brute force or phishing attempts.

How does the module work?

The "Drupal User Enumeration [Redirect]" module works by sending HTTP requests to specific paths on the target Drupal website and then applying matching conditions to the responses to determine whether user enumeration is possible. It checks for the presence of a specific "Location" header together with a status code of 301 in the server response.

For example, the module may send a GET request to paths like "/user/0", "/user/1", "/user/2", and "/user/3". It expects the server response to include a "Location" header with a URL pattern indicating a user profile page. Additionally, the response should have a status code of 301, indicating a redirect.

If both matching conditions are met, the module reports a potential vulnerability, indicating that user enumeration may be possible on the target Drupal website.
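The check described above, written out as an added example that is not Vidoc's own code: it applies the two conditions (status 301 plus a Location header naming a user profile page) to constructed responses, and additionally ignores redirects that only add a trailing slash or go to the login page, since those reveal nothing. The regex is a simplified stand-in for the module's pattern, which is truncated on this page, and the hostname example.org and the sample responses are constructed.

```python
import re
from typing import Mapping, Optional

# Simplified assumption of the module's Location pattern (the real one is
# truncated on the page): an absolute URL whose path is /user/<slug>.
LOCATION_RE = re.compile(
    r"(?i)^https?://[\w.\-]+(?::\d+)?/(?:user|users)/(?P<slug>[\w.\-]+)/?$"
)

# Redirect targets that do not disclose an account name.
NEUTRAL_SLUGS = {"login", "register", "password", "logout"}


def is_enumerating_redirect(path: str, status: int,
                            headers: Mapping[str, str]) -> Optional[str]:
    """Return the disclosed profile slug if this response would satisfy the
    module's conditions (301 and a profile-page Location), otherwise None."""
    if status != 301:
        return None
    location = next((v for k, v in headers.items()
                     if k.lower() == "location"), None)
    if location is None:
        return None
    m = LOCATION_RE.match(location.strip())
    if not m:
        return None
    slug = m.group("slug")
    requested_id = path.rstrip("/").rsplit("/", 1)[-1]
    # /user/2 -> /user/2/ or /user/login leaks nothing; /user/1 -> /user/admin does.
    if slug == requested_id or slug.lower() in NEUTRAL_SLUGS:
        return None
    return slug


def leaked_accounts(responses):
    """Map each requested path to the account name its redirect disclosed."""
    found = {}
    for path, status, headers in responses:
        slug = is_enumerating_redirect(path, status, headers)
        if slug:
            found[path] = slug
    return found


# Constructed sample responses, as a site owner checking their own instance
# might record them (path, status code, response headers).
SAMPLE = [
    ("/user/0", 404, {"Content-Type": "text/html"}),
    ("/user/1", 301, {"Location": "https://example.org/user/admin"}),
    ("/user/2", 301, {"Location": "https://example.org/user/2/"}),
    ("/user/3", 301, {"Location": "https://example.org/user/login"}),
]

if __name__ == "__main__":
    print(leaked_accounts(SAMPLE))  # {'/user/1': 'admin'}
```

Only the /user/1 response is reported, because it is the only one whose redirect target contains something other than the numeric ID that was requested.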

It's important to note that this module is just one test case among many that can be performed using the Vidoc platform.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /user/0, /user/1, /user/2 (+1 path)
Matching conditions
regex: (?i)Location: https?:\/\/[\w\.\-]+[:\/\w... and
status: 301
Passive global matcher
No matching conditions.
On match action
Report vulnerability