Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

OpenVPN Monitor - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#openvpn#disclosure#panel
Description

OpenVPN Monitor - Detect

What is the "OpenVPN Monitor - Detect" module?

The "OpenVPN Monitor - Detect" module is designed to detect misconfigurations in OpenVPN servers. It targets the OpenVPN Status Monitor, a simple Python program that generates HTML to display the status of an OpenVPN server. This module has an informative severity level, which means it provides valuable information without indicating a critical vulnerability. The original author of this module is not specified.

Impact

The impact of misconfigurations in OpenVPN servers can vary depending on the specific misconfiguration. However, it can potentially lead to unauthorized access, data leaks, or other security risks. It is important to address any detected misconfigurations promptly to ensure the security and integrity of the OpenVPN server.

How the module works?

The "OpenVPN Monitor - Detect" module works by sending an HTTP GET request to the "/openvpn-monitor/" path of the target server. It then applies a series of matching conditions to determine if the server is running the OpenVPN Status Monitor and if the expected HTML content is present in the response.

Here is an example of the HTTP request sent by the module:

GET /openvpn-monitor/ HTTP/1.1
Host: [target server]

The module uses the following matching conditions:

- Status: The response status code must be 200. - Body: The response body must contain the following words: "OpenVPN Status Monitor", "Username", "VPN IP", and "Remote IP". - Header: The response header must contain the word "text/html".

If all the matching conditions are met, the module will report the detected misconfiguration in the OpenVPN server.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/openvpn-monitor/
Matching conditions
status: 200and
word: OpenVPN Status Monitor, Username, VPN IP...and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability