Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Oracle ATG Commerce Panel - Detect" module is a test case designed to detect the presence of the Oracle ATG Commerce panel. This module focuses on identifying misconfigurations or vulnerabilities related to the Oracle ATG Commerce software. It has an informative severity level, meaning it provides valuable information without posing an immediate threat. The module was authored by Dale Clarke.
The detection of the Oracle ATG Commerce panel can indicate potential security risks or misconfigurations within the system. It is important to address any identified issues promptly to ensure the security and stability of the Oracle ATG Commerce platform.
The "Oracle ATG Commerce Panel - Detect" module utilizes HTTP request templates and matching conditions to identify the presence of the Oracle ATG Commerce panel. It performs the following checks:
- Checks the HTTP response headers for the presence of the "x-atg-version" and "atg_session_id" keywords. This helps identify if the Oracle ATG Commerce panel is being used. - Verifies that the HTTP response status code is 200, indicating a successful request.By combining these matching conditions, the module determines whether the Oracle ATG Commerce panel is present or not.
Example HTTP request:
GET / HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3
The module matches the response headers and status code against the defined conditions to determine if the Oracle ATG Commerce panel is detected.