
PhpMyAdmin Server Import

By kannthu

Severity: High
Type: Vidoc Module
Tags: #phpmyadmin #misconfig
Description

What is the "PhpMyAdmin Server Import" module?

The "PhpMyAdmin Server Import" module is designed to detect PhpMyAdmin Server Import pages that are reachable without authentication. PhpMyAdmin is a popular web-based database management tool used to administer MySQL and MariaDB databases. This module focuses on identifying misconfigurations in PhpMyAdmin installations that could lead to security vulnerabilities.

This module has a severity level of high, indicating that the identified misconfigurations can pose a significant risk to the security of the PhpMyAdmin server.

This module was authored by Cristi Vlad (@cristivlad25).

Impact

If the module detects a misconfigured PhpMyAdmin Server Import page, the server may be exposed to unauthorized access or data leakage. Attackers could use such a page to upload malicious files or gain unauthorized access to the server.

How does the module work?

The "PhpMyAdmin Server Import" module works by sending HTTP requests to various paths commonly associated with PhpMyAdmin Server Import pages. It uses specific matching conditions to identify potential misconfigurations.

For example, one of the HTTP requests sent by the module could be:

GET /pma/server_import.php

The module then applies matching conditions to the response received from the server. In this case, it checks whether the response body contains either the phrase "File to import" or the phrase "Location of the text file", and whether the HTTP status code is 200 (OK).

If both conditions are met, the module considers the PhpMyAdmin Server Import page as potentially misconfigured and reports it as a vulnerability.
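The matching logic described above, written out as an added example (not the module's own code) so that an administrator can replay it against responses from their own host and confirm the import page is no longer served unauthenticated; the sample responses, the `Response` class and the `triage` verdicts are constructed for this illustration.

```python
from dataclasses import dataclass

# Matching conditions as stated on the page: a "word" matcher (any phrase)
# joined by "and" with a status matcher. Only the one fully visible path is
# listed; the module's remaining paths are not shown on the page.
WORDS = ("File to import", "Location of the text file")
STATUS = 200
PATH = "/pma/server_import.php"


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (constructed, not a real capture)."""
    status: int
    body: str


def word_matches(body: str, words=WORDS) -> bool:
    """'word' matcher: true if any listed phrase appears in the body."""
    return any(w in body for w in words)


def status_matches(status: int, expected=STATUS) -> bool:
    """'status' matcher: exact status code comparison."""
    return status == expected


def module_matches(resp: Response) -> bool:
    """Both conditions combined with 'and', as in the module preview."""
    return word_matches(resp.body) and status_matches(resp.status)


def triage(resp: Response) -> str:
    """Defender's verdict for PATH on a host you administer (hypothetical labels)."""
    if module_matches(resp):
        return "exposed"       # import form served without auth: restrict access
    if resp.status in (301, 302, 303, 307, 308, 401, 403):
        return "protected"     # redirect to login, auth challenge, or denied
    return "no-finding"        # e.g. HTTP 200 login page without the import form


# Constructed sample responses for the checks below.
EXPOSED = Response(200, "<h2>Importing into the current server</h2>"
                        "<label>File to import:</label><input type='file'>")
LOGIN_PAGE = Response(200, "<form name='login_form'><label>Username</label></form>")
FORBIDDEN = Response(403, "<h1>403 Forbidden</h1>")
REDIRECT = Response(302, "")

if __name__ == "__main__":
    for name, r in [("exposed", EXPOSED), ("login", LOGIN_PAGE),
                    ("forbidden", FORBIDDEN), ("redirect", REDIRECT)]:
        print(f"{PATH} [{name}] -> match={module_matches(r)} verdict={triage(r)}")
```

The `word` matcher is a plain substring check, so a 200 page that merely mentions one of the phrases (help text, for instance) would also match; treat a hit as a prompt to verify the page manually rather than as proof of exposure.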

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /pma/server_import.p... /phpmyadmin/server_i... /phpMyAdmin 2/server... (+7 paths)

Matching conditions
   word: File to import, Location of the text fil...
   and
   status: 200

Passive global matcher
   No matching conditions.

On match action
   Report vulnerability