Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Server Monitor Installer

By kannthu

High
Vidoc logoVidoc Module
#misconfig#monitor#exposure#install
Description

Server Monitor Installer

What is the Server Monitor Installer?

The Server Monitor Installer module is designed to detect misconfigurations in the Server Monitor software. It targets installations of the PHP Server Monitor that have an exposed installation page at "/install.php". This module has a high severity level and was authored by tess.

Impact

If the Server Monitor Installer module detects a misconfigured installation of the PHP Server Monitor, it indicates that the installation page is accessible to potential attackers. This could lead to unauthorized access, data breaches, or other security vulnerabilities.

How does the module work?

The Server Monitor Installer module works by sending a GET request to the "/install.php" path of the target server. It then applies several matching conditions to determine if the installation page is exposed and misconfigured:

- The response body must contain one of the following phrases: "<title>SERVER MONITOR - Install</title>", "PHP Server Monitor - Install", or "install.php?action=config". - The response headers must include the phrase "text/html". - The HTTP status code of the response must be 200.

If all of these conditions are met, the module will report a vulnerability.

Example HTTP request:

GET /install.php HTTP/1.1
Host: [target server]

Note: The above example is a simplified representation of the HTTP request. Actual requests may contain additional headers or parameters.

This module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing for various vulnerabilities, misconfigurations, and software detection.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/install.php
Matching conditions
word: <title>SERVER MONITOR - Install</title>,...and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability