Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Moodle Installation Exposure

By kannthu

High
Vidoc logoVidoc Module
#misconfig#moodle#install#exposure
Description

Moodle Installation Exposure

What is the "Moodle Installation Exposure?"

The "Moodle Installation Exposure" module is designed to detect potential misconfigurations in Moodle installations. Moodle is a popular open-source learning management system used by educational institutions worldwide. This module focuses on identifying vulnerabilities related to the installation process of Moodle.

The severity of this module is classified as high, indicating that the detected misconfigurations can pose a significant risk to the security of the Moodle installation.

This module was authored by tess.

Impact

If the "Moodle Installation Exposure" module detects a misconfiguration, it signifies that the Moodle installation may have security vulnerabilities. These vulnerabilities could potentially be exploited by attackers to gain unauthorized access, manipulate data, or disrupt the functionality of the learning management system.

How does the module work?

The "Moodle Installation Exposure" module operates by sending HTTP requests to specific endpoints within the Moodle installation. It then applies a set of matching conditions to determine if a misconfiguration is present.

One example of an HTTP request sent by this module is a GET request to the "/install.php" path. The module checks the response body, headers, and status code to validate the presence of specific indicators:

GET /install.php
Headers: N/A
Matchers:
- Body contains the word "Installation - Moodle"
- Header contains the word "text/html"
- Status code is 200

If all the matching conditions are met, the module identifies a potential misconfiguration in the Moodle installation.

Metadata:

Verified: true

Shodan-query: title:"Installation Moodle"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/install.php
Matching conditions
word: Installation - Moodleand
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability