SkyCaiji - Exposed Installation

What is "SkyCaiji - Exposed Installation?"

The "SkyCaiji - Exposed Installation" module is designed to detect misconfigurations in the SkyCaiji software. SkyCaiji is a data collection tool used for web scraping and data extraction. This module focuses on identifying exposed installation endpoints in the SkyCaiji software.

This module has a severity level of high.

Impact

If an exposed installation endpoint is detected, it could potentially allow unauthorized access to the SkyCaiji software. This can lead to data breaches, unauthorized data extraction, and other security risks.

How the module works?

The "SkyCaiji - Exposed Installation" module works by sending an HTTP GET request to the "/index.php?s=/install/index/index" endpoint. It then matches the response against specific conditions to determine if an exposed installation is present.

The matching conditions for this module are:

- The response body must contain the following words: "<title>蓝天采集器 SkyCaiji 安装</title>", "https://www.skycaiji.com", and "<a href=\"/index.php?s=/Install/Index/step1\" class=\"btn btn-lg btn-success\">". - The response status code must be 200.

If both conditions are met, the module will report a vulnerability.