Fastcgi Echo Endpoint Exposure

By kannthu

Informative
Vidoc Module
#exposure #logs #oracle #fastcgi #edb
Description

What is "Fastcgi Echo Endpoint Exposure"?

The "Fastcgi Echo Endpoint Exposure" module is designed to detect a misconfiguration in the FastCGI module delivered with the Apache httpd server, which is incorporated into the Oracle Application Server. This module targets the FastCGI echo programs (echo and echo2) that should be removed or disabled in all Oracle Application Server implementations. The severity of this misconfiguration is informative.

Author: powerexploit

Impact

If the FastCGI echo programs are not removed or disabled, they can provide information to potential attackers, making it easier for them to launch targeted attacks against the Oracle Application Server.

How does the module work?

The "Fastcgi Echo Endpoint Exposure" module works by sending a GET request to the "/fcgi-bin/echo" path. It then applies the following matching conditions:

- The response body must contain the HTML title tag "<title>FastCGI echo</title>".
- The response header must contain the word "text/html".
- The HTTP status code must be 200.

If all of these conditions are met, the module reports a vulnerability.

Example HTTP request:

GET /fcgi-bin/echo HTTP/1.1
Host: example.com
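
The three matching conditions above, evaluated offline against raw HTTP responses. This is an added example, not Vidoc's module code; the function names and the sample responses are constructed for illustration, and the case-sensitive comparison is an assumption. It reports which condition failed, which is useful when confirming that the echo program has been removed or disabled on a server you administer:

```python
# Added example: evaluates the page's three matching conditions offline.
TITLE_WORD = "<title>FastCGI echo</title>"  # body word, from the page
HEADER_WORD = "text/html"                   # header word, from the page
EXPECTED_STATUS = 200                       # status code, from the page

# Constructed sample responses (not captured from any real server).
EXPOSED = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
           "<html><head><title>FastCGI echo</title></head><body></body></html>")
REMOVED = ("HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n"
           "<html><head><title>404 Not Found</title></head></html>")
SOFT_404 = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
            "<html><head><title>Page not found</title></head></html>")


def split_response(raw):
    """Split a raw HTTP/1.x response into (status, header block, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, _, header_block = head.partition("\r\n")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"not an HTTP status line: {status_line!r}")
    return int(parts[1]), header_block, body


def evaluate(raw):
    """Return each condition's result; 'match' is true only if all three hold."""
    status, header_block, body = split_response(raw)
    result = {
        "body_word": TITLE_WORD in body,              # assumed case-sensitive
        "header_word": HEADER_WORD in header_block,   # substring of the header block
        "status": status == EXPECTED_STATUS,
    }
    result["match"] = all(result.values())            # conditions are ANDed
    return result


def failed_conditions(raw):
    """Names of the conditions that did not hold, in evaluation order."""
    return [name for name, ok in evaluate(raw).items()
            if name != "match" and not ok]


if __name__ == "__main__":
    for label, raw in (("exposed", EXPOSED), ("removed", REMOVED),
                       ("soft 404", SOFT_404)):
        print(label, evaluate(raw)["match"], failed_conditions(raw))
```

The soft-404 sample shows why the title word is part of the match: a server that answers every path with 200 and text/html would otherwise be reported.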

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /fcgi-bin/echo
Matching conditions
word: <title>FastCGI echo</title> and
word: text/html and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability