
HAProxy Statistics Page - Detect

By kannthu

Medium
Vidoc Module
#logs#haproxy#edb
Description

What is the "HAProxy Statistics Page - Detect" module?

The "HAProxy Statistics Page - Detect" module checks whether a target exposes the HAProxy statistics page. HAProxy is a widely used open-source load balancer and reverse proxy. Its built-in statistics page reports the state of every frontend, backend and server it handles, and the module's job is to find that page when it has been left reachable from the outside.

This module has a medium severity level. An exposed statistics page is an information disclosure rather than a direct compromise, but it is a reliable sign of a misconfigured deployment and a useful starting point for further attacks.

Author: dhiyaneshDK

Impact

An unprotected HAProxy statistics page reveals the server's configuration and runtime state: the names and addresses of backend servers, their health-check status, session and error counts, and the HAProxy version. An attacker can use this to map the internal network behind the load balancer and to pick weak or failing backends. Worse, if the page was configured with "stats admin" and is reachable without authentication, it also lets anyone enable or disable backend servers from the browser, turning a disclosure into a denial-of-service vector.
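The following HAProxy configuration fragments are an added illustration, not part of this module or of the HAProxy project's documentation. They show the kind of misconfiguration the module finds beside a hardened equivalent. The listen names, the 10.0.0.5 management address and the credentials are placeholders.

```haproxy
# Weak: the stats page listens on every interface, needs no credentials,
# and "stats admin if TRUE" lets any visitor enable or disable servers.
listen stats_weak
    bind *:1936
    mode http
    stats enable
    stats uri /haproxy?stats
    stats admin if TRUE

# Hardened: bound to a management address and loopback only, protected by
# basic auth, version string hidden, admin actions limited to localhost.
# 10.0.0.5 and the ops credentials are placeholders for this example.
listen stats_hardened
    bind 127.0.0.1:8404
    bind 10.0.0.5:8404
    mode http
    acl LOCALHOST src 127.0.0.1
    stats enable
    stats uri /haproxy?stats
    stats realm HAProxy\ Statistics
    stats auth ops:replace-with-a-strong-secret
    stats hide-version
    stats refresh 30s
    stats admin if LOCALHOST
```

After reloading, `curl -si http://<host>/haproxy?stats` from an untrusted network should fail to connect or return 401, never a 200 containing "Statistics Report for HAProxy"; that is exactly the condition this module tests for.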

How does the module work?

The module works by sending a GET request to each of the two paths commonly used for the HAProxy statistics page, "/haproxy-status" and "/haproxy?stats" (hence the max-request value of 2), and applying matching conditions to each response to decide whether the page is present and accessible.

For example, one of the matching conditions checks if the response contains the phrase "Statistics Report for HAProxy". Additionally, it verifies that the HTTP response status is 200, indicating a successful request.

By analyzing the responses and matching conditions, the module can determine if the HAProxy statistics page is present and accessible.
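The check described above, as an added example in Python rather than Vidoc's or Nuclei's own engine: it probes the same two paths, applies the same AND of the two matchers (the signature word in the body and an HTTP 200), and stops at the first hit. It goes slightly beyond the module by classifying a 401 on a stats path as "auth-required" (a heuristic for a page protected with "stats auth") and by pulling the version out of the body if it is present. The hostnames, the canned responses and the "HAProxy version ..." body format are constructed for the offline run and are not captured from real hosts.

```python
"""Re-implementation of the "HAProxy Statistics Page - Detect" check (added example)."""
import re
import sys
import urllib.error
import urllib.request
from typing import Callable, Dict, Optional, Tuple

# Paths the module requests (max-request: 2) and the word it looks for.
STATS_PATHS = ("/haproxy-status", "/haproxy?stats")
SIGNATURE = "Statistics Report for HAProxy"

# Best-effort version extraction; the "HAProxy version X" text is an assumed format.
VERSION_RE = re.compile(r"HAProxy version (\d+\.\d+(?:\.\d+)?)")

Fetch = Callable[[str], Tuple[int, str]]  # url -> (status, body)


def is_haproxy_stats(status: int, body: str) -> bool:
    """Both matchers must hold: the signature word in the body AND status 200."""
    return status == 200 and SIGNATURE in body


def classify(status: int, body: str) -> str:
    """'exposed' is what the module reports. 'auth-required' is a heuristic added
    here: a 401 on a stats path usually means 'stats auth' is configured."""
    if is_haproxy_stats(status, body):
        return "exposed"
    if status == 401:
        return "auth-required"
    return "absent"


def detect(base_url: str, fetch: Fetch) -> Dict[str, Optional[str]]:
    """Probe each path in order and return on the first exposed page."""
    result: Dict[str, Optional[str]] = {"url": None, "state": "absent", "version": None}
    base = base_url.rstrip("/")
    for path in STATS_PATHS:
        url = base + path
        try:
            status, body = fetch(url)
        except (urllib.error.URLError, OSError):
            continue  # unreachable target: try the next path
        state = classify(status, body)
        if state == "exposed":
            m = VERSION_RE.search(body)
            return {"url": url, "state": state, "version": m.group(1) if m else None}
        if state == "auth-required" and result["state"] == "absent":
            result = {"url": url, "state": state, "version": None}
    return result


def http_fetch(url: str, timeout: float = 5.0) -> Tuple[int, str]:
    """Live fetcher. Non-2xx bodies are kept so a 401 is still classified."""
    req = urllib.request.Request(url, headers={"User-Agent": "haproxy-stats-check/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(65536).decode("utf-8", "replace")


# Constructed responses for an offline run; not captured from real hosts.
CANNED: Dict[str, Tuple[int, str]] = {
    "http://lb.example.test/haproxy-status": (404, "<html><body>Not Found</body></html>"),
    "http://lb.example.test/haproxy?stats": (
        200,
        "<html><head><title>Statistics Report for HAProxy</title></head>"
        "<body><h1>HAProxy version 2.4.3, released 2021/08/17</h1>"
        "<table><tr><td>backend_web</td><td>10.0.1.21:8080</td><td>UP</td></tr></table>"
        "</body></html>",
    ),
    "http://protected.example.test/haproxy-status": (404, "Not Found"),
    "http://protected.example.test/haproxy?stats": (401, "401 Unauthorized"),
}


def canned_fetch(url: str) -> Tuple[int, str]:
    """Offline stand-in for http_fetch backed by the constructed responses."""
    if url not in CANNED:
        raise urllib.error.URLError("no such host in canned data")
    return CANNED[url]


def run_demo() -> Dict[str, Dict[str, Optional[str]]]:
    """Run the check against the three constructed targets, keyed by scenario."""
    return {
        "exposed": detect("http://lb.example.test", canned_fetch),
        "protected": detect("http://protected.example.test", canned_fetch),
        "unknown": detect("http://nothing.example.test", canned_fetch),
    }


if __name__ == "__main__":
    if len(sys.argv) > 1:  # live mode: python3 check.py http://target
        print(detect(sys.argv[1], http_fetch))
    else:
        for name, res in run_demo().items():
            print(f"{name:9s} -> {res}")
```

Only the "exposed" state corresponds to what the module reports; "auth-required" is worth logging during a pentest as evidence that the page exists but is correctly protected, and should not be raised as a finding on its own.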

Reference: https://www.exploit-db.com/ghdb/4191

Metadata: max-request: 2

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /haproxy-status
GET /haproxy?stats
Matching conditions
word: Statistics Report for HAProxy
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability