Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Exposed sharepoint list" module is a test case designed to detect misconfigurations in SharePoint lists. It targets SharePoint software and aims to identify instances where the list is exposed to unauthorized access. The severity of this module is classified as low.
This module was authored by ELSFA7110.
If the "Exposed sharepoint list" module detects a misconfigured SharePoint list, it indicates that sensitive information stored in the list may be accessible to unauthorized individuals. This can lead to potential data breaches and compromise the confidentiality of the data.
The "Exposed sharepoint list" module works by sending an HTTP GET request to the "/_vti_bin/lists.asmx?WSDL" endpoint of the SharePoint server. It then applies matching conditions to determine if the response indicates the presence of a misconfigured list.
The matching conditions used by this module are:
- The response body must contain the words "GetListResponse" and "GetList". - The HTTP response status code must be 200.If both conditions are met, the module flags the SharePoint list as potentially exposed.
Example HTTP request:
GET /_vti_bin/lists.asmx?WSDL
It is important to note that this module only performs a single test case and does not perform any further actions beyond reporting the vulnerability.
For more information, you can refer to the following references:
- https://hackerone.com/reports/761158 - https://hackerone.com/reports/300539