Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Exposed Glances API

By kannthu

Low
Vidoc logoVidoc Module
#glances#exposure
Description

What is the "Exposed Glances API?"

The "Exposed Glances API" module is designed to detect misconfigurations in the Glances system monitoring tool. Glances is a cross-platform system monitoring tool written in Python. This module focuses on identifying potential vulnerabilities in the Glances API.

Severity: Low

Author: princechaddha

Impact

If a misconfiguration is detected in the Glances API, it could potentially expose sensitive system information to unauthorized users. This could lead to security breaches and compromise the integrity of the monitored system.

How does the module work?

The "Exposed Glances API" module uses HTTP request templates and matching conditions to identify misconfigurations in the Glances API. It sends HTTP requests to the target system and checks for specific patterns in the response body.

Example HTTP request:

GET /glances.config HTTP/1.1
Host: example.com

The module's matching conditions include:

- Checking the HTTP response status code, which should be 200 (OK). - Searching for specific words in the response body, such as "title">Glances", "glances.config", and "".

If all matching conditions are met, the module will report a potential misconfiguration in the Glances API.

For more information about Glances, you can visit the official Glances documentation.

Module preview

Concurrent Requests (0)
Passive global matcher
status: 200and
word: title">Glances</title>, glances.config, ...
On match action
Report vulnerability