Automate Recon and scanning process with Vidoc. All security teams in one place
The "EC2 Instance Information" module is designed to detect misconfigurations in EC2 instances on the AWS (Amazon Web Services) platform. It targets EC2 instances and provides information about their configuration. This module has a low severity level.
This module does not have a direct impact on the system. It is used to identify potential misconfigurations in EC2 instances, which could lead to security vulnerabilities or performance issues if left unaddressed.
The "EC2 Instance Information" module works by sending HTTP requests to the target system and analyzing the responses based on specific matching conditions. It checks for the presence of the "
<title>EC2 Instance Information</title>" tag in the response body, the "text/html" content type in the response header, and a 200 status code in the response. If all conditions are met, the module reports a vulnerability.
Example HTTP request:
GET / HTTP/1.1 Host: example.com
Matching conditions:- The response body must contain the "
<title>EC2 Instance Information</title>" tag. - The response header must have the "text/html" content type. - The response status code must be 200.
Note: The module definition is not shown here for simplicity.