Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

IoT vDME Simulator Panel - Detect

By kannthu

Medium
Vidoc logoVidoc Module
#exposure#misconfig#panel
Description

IoT vDME Simulator Panel - Detect

What is the "IoT vDME Simulator Panel - Detect" module?

The "IoT vDME Simulator Panel - Detect" module is designed to detect misconfigurations in the IoT vDME Simulator panel. It targets the IoT vDME Simulator software and has a medium severity level. The module was authored by tess.

Impact

If a misconfiguration is detected in the IoT vDME Simulator panel, it can potentially expose the panel to anonymous access, allowing unauthorized users to create new items.

How does the module work?

The module works by sending an HTTP GET request to the specified path, which is port 9998. It then applies several matching conditions to determine if the misconfiguration is present:

- The body of the response must contain the following words: "<title>IoT vDME Simulator</title>", "Configuration Repository", and "Current configuration". - The response header must contain the word "text/html". - The HTTP status code must be 200.

If all of these conditions are met, the module will report the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET:9998
Matching conditions
word: <title>IoT vDME Simulator</title>, Confi...and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability