Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The Server Monitor Installer module is designed to detect misconfigurations in the Server Monitor software. It targets installations of the PHP Server Monitor that have an exposed installation page at "/install.php". This module has a high severity level and was authored by tess.
If the Server Monitor Installer module detects a misconfigured installation of the PHP Server Monitor, it indicates that the installation page is accessible to potential attackers. This could lead to unauthorized access, data breaches, or other security vulnerabilities.
The Server Monitor Installer module works by sending a GET request to the "/install.php" path of the target server. It then applies several matching conditions to determine if the installation page is exposed and misconfigured:
- The response body must contain one of the following phrases: "<title>SERVER MONITOR - Install</title>
", "PHP Server Monitor - Install
", or "install.php?action=config
".
- The response headers must include the phrase "text/html
".
- The HTTP status code of the response must be 200.
If all of these conditions are met, the module will report a vulnerability.
Example HTTP request:
GET /install.php HTTP/1.1
Host: [target server]
Note: The above example is a simplified representation of the HTTP request. Actual requests may contain additional headers or parameters.
This module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing for various vulnerabilities, misconfigurations, and software detection.