Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

FrontPage configuration information discloure

By kannthu

Informative
Vidoc logoVidoc Module
#misconfig#exposure#frontpage
Description

What is the "FrontPage configuration information disclosure?"

The "FrontPage configuration information disclosure" module is designed to detect misconfigurations in the FrontPage software. FrontPage is a web design tool developed by Microsoft. This module focuses on identifying vulnerabilities related to the exposure of sensitive configuration information.

This module has an informative severity level, which means it provides valuable information but does not directly indicate a security vulnerability.

Author: JTeles, pikpikcu

Impact

If a misconfiguration is detected, it could potentially expose sensitive information about the FrontPage configuration. This information could be leveraged by attackers to gain unauthorized access or gather intelligence about the target system.

How does the module work?

The "FrontPage configuration information disclosure" module works by sending HTTP requests to specific paths on the target system. It checks for the presence of certain keywords in the response body and verifies that the response status is 200 (OK).

For example, one of the HTTP requests sent by this module is:

GET /_vti_inf.html/_vti_pvt/service.cnf

The module then checks if the response body contains the keywords "vti_extenderversion:" and "FPVersion=". If both conditions are met, a misconfiguration is detected.

This module is designed to identify misconfigurations in the FrontPage software and provide valuable information to the user. It does not directly fix or mitigate any vulnerabilities.

Reference: https://docs.microsoft.com/en-us/archive/blogs/fabdulwahab/security-protecting-sharepoint-server-applications

Metadata: max-request: 2

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/_vti_inf.html/_vti_pvt/service.cn...
Matching conditions
word: vti_extenderversion:, FPVersion=and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability