Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

phpwind Installer Exposure

By kannthu

High
Vidoc logoVidoc Module
#misconfig#phpwind#exposure#install
Description

phpwind Installer Exposure

What is the "phpwind Installer Exposure?"

The "phpwind Installer Exposure" module is designed to detect a misconfiguration vulnerability in the phpwind software. Phpwind is a popular content management system (CMS) written in PHP. This module focuses on identifying instances where the phpwind installation exposes its installer, which can lead to potential security risks.

This module has a severity level of high, indicating that if the vulnerability is present, it can pose a significant threat to the security of the phpwind installation.

Impact

If the phpwind Installer Exposure vulnerability is present, it can allow unauthorized individuals to gain access to the installation process of the phpwind CMS. This can potentially lead to unauthorized modifications, data breaches, or even complete compromise of the system.

How the module works?

The "phpwind Installer Exposure" module works by sending an HTTP GET request to the "/install.php?a=check" endpoint of the target phpwind installation. It then applies a set of matching conditions to determine if the vulnerability is present.

The matching conditions include:

- Body: The response body must contain the phrases "Powered by phpwind" and "安装". - Header: The response header must include the content type "text/html". - Status: The response status code must be 200.

If all the matching conditions are met, the module will report the vulnerability, indicating that the phpwind installation exposes its installer.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/install.php?a=check
Matching conditions
word: Powered by phpwind</title>, 安装and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability