Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "IIS Windows Server Default Page" module is designed to detect the presence of the default page for Windows Server running Internet Information Services (IIS). It targets the IIS software and aims to identify any misconfigurations or vulnerabilities associated with the default page.
This module has an informative severity level, meaning it provides valuable information but does not indicate a critical security issue.
This module was authored by dhiyaneshDk.
The impact of this module is primarily informational. It helps users identify whether the default page for IIS Windows Server is properly configured or if there are any potential vulnerabilities that need to be addressed.
The "IIS Windows Server Default Page" module works by sending an HTTP request to the target server and analyzing the response. It uses a matching condition that checks for the presence of the "" tag in the response body.
If the response contains this tag, it indicates that the default page for IIS Windows Server is being served. The module then reports this information as a successful match.
Here is an example of an HTTP request that the module may send:
GET / HTTP/1.1
Host: example.com
The module's matching condition ensures that the response body contains the "" tag, indicating the presence of the default page.