Exposed Cobbler Directories

By kannthu

Vidoc Module

What is "Exposed Cobbler Directories"?

The "Exposed Cobbler Directories" module is designed to detect misconfigurations in Cobbler, a Linux installation server. It scans for exposed directories within the Cobbler application, which could potentially lead to unauthorized access or information disclosure. This module has a medium severity level and was authored by c-sh0.


If an exposed Cobbler directory is found, it could allow attackers to gain insight into the server's configuration, potentially leading to further exploitation or unauthorized access. It is important to secure Cobbler directories to prevent any potential security risks.

How does the module work?

The "Exposed Cobbler Directories" module works by sending HTTP requests to specific paths within the Cobbler application, namely "/cobbler/" and "/cblr/". It then applies matching conditions to determine if the directories are exposed.

The matching conditions include:

- Status: The module expects a response with a status code of 200.
- Body: The module looks for specific words in the response body, such as "Index of /cobbler" or "Index of /cblr".

If both matching conditions are met, the module identifies the directories as exposed Cobbler directories.

Here is an example of an HTTP request sent by the module:

GET /cobbler/ HTTP/1.1

It is crucial to address any exposed Cobbler directories to ensure the security of the server and prevent potential unauthorized access or information disclosure.
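
The two matching conditions described above, applied to constructed responses so you can see which cases count as exposed. This is an added example, not Vidoc's own code: `Response`, `is_exposed`, `probe` and `exposed_paths` are hypothetical names, and the word match is assumed to be a case-sensitive substring test.

```python
import urllib.error
import urllib.request
from dataclasses import dataclass

PATHS = ("/cobbler/", "/cblr/")                   # paths named on the page
WORDS = ("Index of /cobbler", "Index of /cblr")   # body words named on the page


@dataclass
class Response:
    path: str
    status: int
    body: str


def is_exposed(resp):
    """Both matchers must hold: status 200 AND any listed word in the body."""
    # Assumption: case-sensitive substring match.
    return resp.status == 200 and any(word in resp.body for word in WORDS)


def probe(base_url, timeout=5):
    """Fetch both paths from a server you administer (hypothetical helper)."""
    results = []
    for path in PATHS:
        url = base_url.rstrip("/") + path
        try:
            with urllib.request.urlopen(url, timeout=timeout) as r:
                results.append(Response(path, r.status, r.read().decode("utf-8", "replace")))
        except urllib.error.HTTPError as err:  # non-2xx still carries status and body
            results.append(Response(path, err.code, err.read().decode("utf-8", "replace")))
    return results


def exposed_paths(responses):
    """Paths whose responses satisfy both matching conditions."""
    return [r.path for r in responses if is_exposed(r)]


# Constructed sample responses (not captured from a real server).
SAMPLES = [
    Response("/cobbler/", 200, "<title>Index of /cobbler</title><a href='example/'>"),
    Response("/cblr/", 403, "<title>403 Forbidden</title>"),        # listing denied
    Response("/cobbler/", 200, "<title>Welcome</title>"),           # 200, but no listing
    Response("/cblr/", 404, "Not Found: Index of /cblr"),           # words without a 200
]

if __name__ == "__main__":
    print(exposed_paths(SAMPLES))
```

After disabling directory listings on the server, `exposed_paths(probe(...))` against your own host should return an empty list.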

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
status: 200 and
word: Index of /cobbler, Index of /cblr
Passive global matcher
No matching conditions.
On match action
Report vulnerability