Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Everything Server Exposure" module is designed to detect server misconfigurations related to the "Everything" desktop search utility for Windows. This module focuses on identifying potential vulnerabilities that could expose sensitive information or allow unauthorized access to the server.
The "Everything" utility is a freeware tool that enables users to quickly search for files and folders by name on their Windows systems. It provides a convenient way to locate specific files, but if not properly configured, it can inadvertently expose sensitive data or grant unauthorized access to the server.
This module has a high severity rating, indicating that the identified misconfigurations or vulnerabilities could have a significant impact on the security of the server.
Author: pussycat0x
If the "Everything Server Exposure" module detects a misconfiguration or vulnerability, it could potentially lead to unauthorized access to the server or the exposure of sensitive information. This could result in data breaches, unauthorized modifications, or other security incidents.
The "Everything Server Exposure" module utilizes HTTP request templates and matching conditions to identify potential misconfigurations or vulnerabilities in the targeted server. It performs specific checks to determine if the server is properly configured and secured.
One example of an HTTP request used by this module is:
GET / HTTP/1.1
Host: [target server]
This module applies the following matching conditions:
- Global Matchers: - Matchers: - Part: All - Type: Word - Words: "<title>Everything</title>", "indexof" - Negative: False - Condition: And - Matchers Condition: And - Status Matcher: - Status: 200 - Negative: False - Condition: AndThese matching conditions ensure that the server's response contains the specified words in the title tag and that the HTTP status code is 200. If both conditions are met, the module identifies a potential misconfiguration or vulnerability.
For more information about the "Everything" utility, you can visit the official website: https://www.voidtools.com/
Metadata:
Max Request: 1
Verified: True
Shodan Query: http.favicon.hash:-977323269