Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

ScriptCase Production Environment Login

By kannthu

Informative
Vidoc logoVidoc Module
#panel#scriptcase
Description

ScriptCase Production Environment Login

What is the ScriptCase Production Environment Login?

The ScriptCase Production Environment Login module is designed to detect misconfigurations in the ScriptCase production environment login. ScriptCase is a software development platform that allows users to create web applications quickly and easily. This module focuses on identifying potential vulnerabilities in the login functionality of the ScriptCase production environment. The severity of this module is informative, meaning it provides valuable information about potential security risks.

Author: Ricardo Maia (Brainfork)

Impact

This module helps identify any misconfigurations or vulnerabilities in the ScriptCase production environment login. By detecting these issues, users can take appropriate action to secure their login functionality and protect sensitive data.

How does the module work?

The ScriptCase Production Environment Login module works by sending HTTP requests to specific paths related to the ScriptCase production environment login. It then applies matching conditions to determine if the login functionality is vulnerable or misconfigured.

Example HTTP request:

GET /prod/lib/php/ HTTP/1.1
Host: [target]

The module uses the following matching conditions:

- Regex matchers: The module checks if the response contains the keywords "ScriptCase," "NetMake," and "Login" in a case-insensitive manner. - Status matcher: The module verifies if the HTTP response status is 200, indicating a successful request.

The module combines these matching conditions using the "and" logical operator to ensure all conditions are met for a successful match.

Reference:

- https://www.scriptcase.com.br - https://www.scriptcase.net

Metadata:

- max-request: 2 - verified: true - shodan-query: title:"ScriptCase"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/prod/lib/php//scriptcase/prod/lib...
Matching conditions
regex: (?i)(ScriptCase), (?i)(NetMake), (?i)(Lo...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability