Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Manage Engine AD Search" module is designed to detect misconfigurations in the Manage Engine AD Manager service. This service can be configured to allow anonymous users to browse the Active Directory (AD) list remotely. The module targets this software to identify potential security vulnerabilities.
Severity: High
Author: PR3R00T
If misconfigured, the Manage Engine AD Manager service can expose sensitive information from the AD list to unauthorized users. This can lead to potential data breaches, unauthorized access to user accounts, and other security risks.
The module sends a GET request to the "/ADSearch.cc?methodToCall=search" endpoint of the Manage Engine AD Manager service. It then applies matching conditions to determine if the service is misconfigured.
The matching conditions include:
- Status: The response status code must be 200. - Keywords: The response body must contain the words "ManageEngine" and "ADManager".If all matching conditions are met, the module reports a vulnerability.
Example HTTP request:
GET /ADSearch.cc?methodToCall=search