Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

MyBB Installation Panel - Detect

By kannthu

High
Vidoc logoVidoc Module
#panel#mybb#forum
Description

What is the "MyBB Installation Panel - Detect" module?

The "MyBB Installation Panel - Detect" module is designed to detect the presence of the MyBB installation panel. MyBB is a popular forum software used to create online communities. This module focuses on identifying potential misconfigurations or vulnerabilities in the MyBB installation panel.

This module has a high severity level, indicating that any issues found could have a significant impact on the security of the MyBB installation.

Author: ritikchaddha

Impact

If the MyBB installation panel is detected and there are misconfigurations or vulnerabilities present, it could potentially allow unauthorized access or compromise the security of the forum. This could lead to unauthorized modifications, data breaches, or other malicious activities.

How does the module work?

The "MyBB Installation Panel - Detect" module works by sending an HTTP request to the target website's "/install/index.php" path. It then applies a set of matching conditions to determine if the MyBB installation panel is present and if any misconfigurations or vulnerabilities are detected.

Example HTTP request:

GET /install/index.php

The module uses the following matching conditions:

- The response body must contain the words "MyBB" and "Installation Wizard". - The response body must not contain the phrase "currently locked". - The HTTP response status code must be 200.

If all of these conditions are met, the module will report the detection of the MyBB installation panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/install/index.php
Matching conditions
word: MyBB, Installation Wizardand
NOT word: currently lockedand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability