Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Oracle Application Server test-cgi Page

By kannthu

Informative
Vidoc logoVidoc Module
#oracle#exposure
Description

Oracle Application Server test-cgi Page

What is the Oracle Application Server test-cgi Page?

The Oracle Application Server test-cgi Page module is designed to detect misconfigurations or vulnerabilities in the Oracle Application Server. It targets the test-cgi page and checks for specific conditions to determine if there is a potential issue. The severity of this module is classified as informative, meaning it provides valuable information but may not indicate a critical vulnerability. This module was authored by DhiyaneshDk.

Impact

The impact of a misconfiguration or vulnerability in the Oracle Application Server test-cgi page can vary depending on the specific issue detected. It could potentially expose sensitive information or allow unauthorized access to the server. It is important to address any identified issues to ensure the security and integrity of the Oracle Application Server.

How the module works?

The Oracle Application Server test-cgi Page module works by sending a GET request to the "/cgi-bin/test-cgi" path of the server. It then applies a series of matching conditions to determine if the server is configured correctly and if any vulnerabilities are present.

The matching conditions for this module are as follows:

- The response body must contain the string "SERVER_SOFTWARE =". - The response header must contain the string "text/plain". - The HTTP status code must be 200.

If all of these conditions are met, the module will report a potential misconfiguration or vulnerability in the Oracle Application Server test-cgi page.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/cgi-bin/test-cgi
Matching conditions
word: SERVER_SOFTWARE =and
word: text/plainand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability