Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

EShop Installer Exposure

By kannthu

High
Vidoc logoVidoc Module
#misconfig#eshop#install#exposure
Description

EShop Installer Exposure

What is the EShop Installer Exposure Module?

The EShop Installer Exposure module is designed to detect misconfigurations in the installation process of the eShop software. It specifically focuses on identifying instances where the "install" directory is exposed. This module is created by an unknown author.

This module has a severity level of high, indicating that it can potentially lead to significant security risks if not addressed.

Impact

If the EShop Installer Exposure module detects a misconfiguration, it means that the installation process of the eShop software is not properly secured. This can allow unauthorized access to sensitive information or provide an entry point for attackers to exploit the system.

How the module works?

The EShop Installer Exposure module works by sending a GET request to the "/install/" path of the target website. It then applies a series of matching conditions to determine if the installation page is exposed.

The matching conditions include:

- The response body must contain the words "eShop Installer" and "Welcome to Installer". - The response header must include the word "text/html". - The HTTP status code must be 200.

If all of these conditions are met, the module will flag the installation page as exposed.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/install/
Matching conditions
word: eShop Installer, Welcome to Installerand
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability