
Rockwell Automation TCP/IP Configuration Information - Detect

By kannthu

Medium
Vidoc Module
#config #edb #logs
Description

What is the "Rockwell Automation TCP/IP Configuration Information - Detect" module?

The "Rockwell Automation TCP/IP Configuration Information - Detect" module detects misconfigurations that expose TCP/IP configuration information in Rockwell Automation software. It scans the target for vulnerabilities or misconfigurations that could affect the security and functionality of the TCP/IP configuration.

This module has a severity level of medium, indicating that the detected misconfigurations or vulnerabilities could have a moderate impact on the system's security and performance.

Impact

Misconfigurations or vulnerabilities detected by this module could lead to unauthorized access, data breaches, or disruption of TCP/IP communication within the Rockwell Automation software. Address and fix any identified issues to keep the system secure and stable.

How does the module work?

The "Rockwell Automation TCP/IP Configuration Information - Detect" module works by sending an HTTP GET request to the "/tcpconfig.html" path of the target system. It then applies matching conditions to determine if the TCP/IP configuration information is present and if the response status is 200 (OK).

The matching conditions used in this module are:

- Word Matcher: It checks if the response contains the phrase "TCP/IP Configuration".
- Status Matcher: It verifies if the response status is 200 (OK).

If both matching conditions are met, the module reports a potential misconfiguration or vulnerability related to the TCP/IP configuration information in the Rockwell Automation software.
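The match logic described above, evaluated offline against captured responses, as an added example that is not Vidoc's own code. The function names, the case-sensitive substring comparison, the `or` mode (included only for contrast with the module's `and`), and the sample responses are assumptions constructed for illustration.

```python
# Matching conditions transcribed from the module preview (word AND status).
MATCHERS = [
    {"type": "word", "words": ["TCP/IP Configuration"]},
    {"type": "status", "status": [200]},
]

def parse_response(raw: bytes):
    """Split a captured raw HTTP response into (status_code, body_text)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line = head.split(b"\r\n", 1)[0].decode("ascii", "replace")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"not an HTTP status line: {status_line!r}")
    return int(parts[1]), body.decode("utf-8", "replace")

def run_matcher(matcher, status, body):
    """Evaluate one matcher against the parsed response."""
    if matcher["type"] == "word":
        # Assumption: case-sensitive substring match on the response body.
        return all(word in body for word in matcher["words"])
    if matcher["type"] == "status":
        return status in matcher["status"]
    raise ValueError(f"unsupported matcher type: {matcher['type']}")

def evaluate(raw, matchers=MATCHERS, condition="and"):
    """Return True when the response would be reported under the given condition."""
    status, body = parse_response(raw)
    results = [run_matcher(m, status, body) for m in matchers]
    return all(results) if condition == "and" else any(results)

# Constructed sample responses (not captured from real devices).
EXPOSED = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
           b"<html><title>TCP/IP Configuration</title></html>")
LOGIN_PAGE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
              b"<html><title>Sign in</title></html>")
DENIED = (b"HTTP/1.1 403 Forbidden\r\nContent-Type: text/plain\r\n\r\n"
          b"Access to TCP/IP Configuration is restricted")
NOT_FOUND = b"HTTP/1.1 404 Not Found\r\n\r\nNot found"

if __name__ == "__main__":
    samples = [("exposed", EXPOSED), ("login", LOGIN_PAGE),
               ("denied", DENIED), ("not_found", NOT_FOUND)]
    for name, raw in samples:
        print(f"{name:10} reported={evaluate(raw)}")
```

Only the first sample is reported: a 403 page that merely mentions the phrase is not, which is why the module combines the two matchers with `and`.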

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /tcpconfig.html
Matching conditions
word: TCP/IP Configuration
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability