Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

IIS Windows Server Default Page

By kannthu

Informative
Vidoc logoVidoc Module
#tech#windows#iis
Description

What is the "IIS Windows Server Default Page?"

The "IIS Windows Server Default Page" module is designed to detect the presence of the default page for Windows Server running Internet Information Services (IIS). It targets the IIS software and aims to identify any misconfigurations or vulnerabilities associated with the default page.

This module has an informative severity level, meaning it provides valuable information but does not indicate a critical security issue.

This module was authored by dhiyaneshDk.

Impact

The impact of this module is primarily informational. It helps users identify whether the default page for IIS Windows Server is properly configured or if there are any potential vulnerabilities that need to be addressed.

How does the module work?

The "IIS Windows Server Default Page" module works by sending an HTTP request to the target server and analyzing the response. It uses a matching condition that checks for the presence of the "" tag in the response body.

If the response contains this tag, it indicates that the default page for IIS Windows Server is being served. The module then reports this information as a successful match.

Here is an example of an HTTP request that the module may send:

GET / HTTP/1.1
Host: example.com

The module's matching condition ensures that the response body contains the "" tag, indicating the presence of the default page.

Module preview

Concurrent Requests (0)
Passive global matcher
word: <title>IIS Windows Server</title>
On match action
Report vulnerability