Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Parameter Based Generic OOB Interaction" module is designed to detect a misconfiguration in the target software: it checks whether the server follows URLs supplied in request parameters, using an out-of-band (OOB) interaction to confirm the fetch. This module has an informative severity level and was authored by pdteam.
This module detects a scenario where the remote server fetches a spoofed URL taken from the request parameters. This can lead to security issues, because a server that follows client-supplied URLs lets an attacker direct its outbound requests and may expose exploitable code paths in the software.
The module works by sending a single GET request whose parameters all point at the interaction URL. It then checks the "interactsh_protocol" field of the recorded interaction; if the matching condition is met, the target fetched one of the supplied URLs and the module reports a finding.
Here is an example of the HTTP request sent by the module:
GET /?u=http://{%InteractionURL%}/&href=http://{%InteractionURL%}/&action=http://{%InteractionURL%}/&host={%InteractionURL%}&http_host={%InteractionURL%}&email=root@{%InteractionURL%}&url=http://{%InteractionURL%}/&load=http://{%InteractionURL%}/&preview=http://{%InteractionURL%}/&target=http://{%InteractionURL%}/&proxy=http://{%InteractionURL%}/&from=http://{%InteractionURL%}/&src=http://{%InteractionURL%}/&ref=http://{%InteractionURL%}/&referrer=http://{%InteractionURL%}/ HTTP/1.1
The module's matching condition checks that the word "http" appears in the "interactsh_protocol" part of the recorded interaction, meaning the OOB server received an HTTP request for the interaction URL. A DNS-only lookup of the interaction hostname does not satisfy this condition. If the condition is met, it indicates a potential vulnerability.
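The following Python is an added example and is not code from the Vidoc page or from pdteam's template. It parses the request line above into the parameters that name a fetchable host, flags such a request in access logs (the detection side), mirrors the "http"-in-"interactsh_protocol" match, and shows the allowlist check a handler should apply before following a client-supplied URL (the mitigation side). The interaction host standing in for {%InteractionURL%}, the allowlist, and the dict layout of the interaction record are constructed assumptions.

```python
"""Added example (not code from the Vidoc page or from pdteam's template).

Parses the module's probe request, lists which query parameters carry a host
the server might fetch, flags such requests in an access log, mirrors the
"interactsh_protocol" matcher, and shows the allowlist check a handler should
apply before following a client-supplied URL.
"""
from urllib.parse import parse_qsl, urlsplit

# Constructed placeholder standing in for the {%InteractionURL%} token.
INTERACTION_HOST = "example-oob-callback.invalid"

# The request line from the page, with the token replaced by the placeholder.
PROBE_REQUEST_LINE = (
    "GET /?u=http://{h}/&href=http://{h}/&action=http://{h}/&host={h}&http_host={h}"
    "&email=root@{h}&url=http://{h}/&load=http://{h}/&preview=http://{h}/"
    "&target=http://{h}/&proxy=http://{h}/&from=http://{h}/&src=http://{h}/"
    "&ref=http://{h}/&referrer=http://{h}/ HTTP/1.1"
).format(h=INTERACTION_HOST)

# Constructed allowlist of hosts the application is permitted to fetch from.
ALLOWED_FETCH_HOSTS = {"cdn.example.com"}


def host_in_value(value):
    """Return the host named by a parameter value, or None.

    Covers the three shapes the probe uses: a full http(s) URL, a bare
    hostname (host=, http_host=), and an e-mail address (email=root@...).
    """
    parts = urlsplit(value)
    if parts.scheme in ("http", "https") and parts.hostname:
        return parts.hostname.lower()
    if "/" in value or " " in value:
        return None
    if "@" in value:
        return value.rsplit("@", 1)[1].lower()
    if "." in value:
        return value.lower()
    return None


def outbound_hosts(request_line):
    """Map each query parameter of an HTTP request line to the host it names."""
    _method, target, _version = request_line.split(" ", 2)
    found = {}
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        host = host_in_value(value)
        if host:
            found[name] = host
    return found


def looks_like_oob_probe(request_line, threshold=3):
    """True when `threshold` or more parameters point at the same external host,
    which is the signature this module's single request leaves in access logs."""
    counts = {}
    for host in outbound_hosts(request_line).values():
        counts[host] = counts.get(host, 0) + 1
    return any(n >= threshold for n in counts.values())


def interaction_matches(interactions):
    """Mirror of the module's matcher: the word "http" must appear in the
    interactsh_protocol field of a recorded interaction. The record layout
    (a dict with an "interactsh_protocol" key) is an assumption made here."""
    return any("http" in i.get("interactsh_protocol", "") for i in interactions)


def is_safe_fetch_target(url):
    """Server-side check before following a client-supplied URL: only http(s),
    no embedded credentials, and the host must be on the allowlist."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username or parts.password:
        return False
    return bool(parts.hostname) and parts.hostname.lower() in ALLOWED_FETCH_HOSTS


if __name__ == "__main__":
    hosts = outbound_hosts(PROBE_REQUEST_LINE)
    print(f"{len(hosts)} parameters name a host; probe flagged: "
          f"{looks_like_oob_probe(PROBE_REQUEST_LINE)}")
    for url in ("http://cdn.example.com/logo.png", f"http://{INTERACTION_HOST}/"):
        print(url, "allowed" if is_safe_fetch_target(url) else "rejected")
    # A DNS-only lookup does not satisfy the matcher; an HTTP fetch does.
    print(interaction_matches([{"interactsh_protocol": "dns"}]),
          interaction_matches([{"interactsh_protocol": "http"}]))
```

The threshold in looks_like_oob_probe is deliberately low: a legitimate request rarely carries three or more parameters naming the same external host, while this module's probe carries fifteen. The allowlist check is the fix on the application side; rejecting the probe at the edge only hides the behaviour the module is looking for.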
For more information, you can refer to the Collaborator Everywhere GitHub repository.
Metadata: max-request: 1 (the module sends a single request per target)