Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Microsoft IIS Version Detect" module is designed to detect the version of Microsoft Internet Information Services (IIS) servers. It is a test case that can be used to identify specific Common Vulnerabilities and Exposures (CVEs) on your target servers. This module focuses on detecting the version of the IIS software running on the server.
This module is informative in terms of severity, meaning it provides valuable information but does not directly indicate a vulnerability or misconfiguration.
This module was authored by Wlayzz.
The impact of this module is purely informative. It helps you gather information about the version of Microsoft IIS running on a server, which can be useful for further analysis and vulnerability assessment.
The "Microsoft IIS Version Detect" module works by sending HTTP requests to the target server and analyzing the response headers. It specifically looks for the presence of the "IIS" keyword in the header and verifies that the response status is 200 (OK).
Here is a simplified example of an HTTP request sent by the module:
GET / HTTP/1.1
Host: example.com
The module then checks if the response header contains the keyword "IIS" and if the response status is 200. If both conditions are met, the module considers the server to be running Microsoft IIS.
This module is a valuable tool for identifying the version of Microsoft IIS servers and can assist in further vulnerability assessment and analysis.