Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The ScriptCase Production Environment Login module is designed to detect misconfigurations in the ScriptCase production environment login. ScriptCase is a software development platform that allows users to create web applications quickly and easily. This module focuses on identifying potential vulnerabilities in the login functionality of the ScriptCase production environment. The severity of this module is informative, meaning it provides valuable information about potential security risks.
Author: Ricardo Maia (Brainfork)
This module helps identify any misconfigurations or vulnerabilities in the ScriptCase production environment login. By detecting these issues, users can take appropriate action to secure their login functionality and protect sensitive data.
The ScriptCase Production Environment Login module works by sending HTTP requests to specific paths related to the ScriptCase production environment login. It then applies matching conditions to determine if the login functionality is vulnerable or misconfigured.
Example HTTP request:
GET /prod/lib/php/ HTTP/1.1
Host: [target]
The module uses the following matching conditions:
- Regex matchers: The module checks if the response contains the keywords "ScriptCase," "NetMake," and "Login" in a case-insensitive manner. - Status matcher: The module verifies if the HTTP response status is 200, indicating a successful request.The module combines these matching conditions using the "and" logical operator to ensure all conditions are met for a successful match.
Reference:
- https://www.scriptcase.com.br - https://www.scriptcase.netMetadata:
- max-request: 2 - verified: true - shodan-query: title:"ScriptCase"