Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Proxy WPAD Configuration Exposure

By kannthu

Low
Vidoc logoVidoc Module
#config#exposure#proxy
Description

What is the "Proxy WPAD Configuration Exposure?" module?

The "Proxy WPAD Configuration Exposure" module is designed to detect misconfigurations in the WPAD (Web Proxy Auto-Discovery) configuration. WPAD is a protocol used by web browsers to automatically discover proxy settings. This module targets the exposure of the WPAD configuration file, which can potentially lead to security vulnerabilities.

This module has a low severity level, indicating that the impact of the vulnerability is relatively limited.

Author: DhiyaneshDk

Impact

If the WPAD configuration file is exposed, it can potentially allow an attacker to intercept and manipulate network traffic. This can lead to various security risks, such as eavesdropping on sensitive information, injecting malicious content, or redirecting users to malicious websites.

How does the module work?

The "Proxy WPAD Configuration Exposure" module works by sending an HTTP GET request to the "/wpad.dat" path. It then applies matching conditions to determine if the WPAD configuration file is exposed.

The matching conditions for this module are:

- The response body must contain the words "FindProxyForURL", "url", and "host". - The HTTP status code must be 200 (OK).

If both matching conditions are met, the module reports a vulnerability indicating that the WPAD configuration file is exposed.

Example HTTP request:

GET /wpad.dat HTTP/1.1
Host: example.com

Note: The above example is a simplified representation of the HTTP request and does not include all possible headers or request parameters.

For more information, refer to the module's metadata:

verified: true
shodan-query: html:"wpad.dat"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/wpad.dat
Matching conditions
word: FindProxyForURL, url, hostand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability