SPX PHP Profiler - Default Key

By kannthu

High
Vidoc Module
#spx-php #debug #misconfig #spx
Description

What is "SPX PHP Profiler - Default Key"?

The "SPX PHP Profiler - Default Key" module detects a default SPX key in the SPX PHP profiler software. It focuses on identifying misconfigurations that could lead to security vulnerabilities. The severity of this module is classified as high.

Author: vagnerd

Impact

If the default SPX key is discovered, it could allow unauthorized access to the SPX Control Panel and potentially expose sensitive information. This misconfiguration could lead to unauthorized modifications, data leaks, or other security breaches.

How does the module work?

The module sends an HTTP GET request to the target URL with the query string "?SPX_KEY={%api_key%}&SPX_UI_URI=/". It then evaluates a series of matching conditions to determine whether the target is vulnerable:

- The response body must contain the following words: "<title>SPX Control Panel</title>", "SPX_ENABLED", and "Configuration".
- The response header must contain the word "text/html".
- The HTTP status code must be 200.

If all the matching conditions are met, the module reports a vulnerability.

Reference:

- https://github.com/NoiseByNorthwest/php-spx

Remediation:

- https://github.com/NoiseByNorthwe
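
A configuration-side check for the same misconfiguration, as an added example (not code from Vidoc or the php-spx project): it reads php.ini text and flags an enabled SPX web UI whose key is a known example value or too short, or whose IP whitelist is "*". The directive names are php-spx's; WEAK_KEYS, MIN_KEY_LEN and both sample files are constructed assumptions.

```python
import re

# Assumption: placeholder list. Load the keys your team treats as default/example.
WEAK_KEYS = {"EXAMPLE-DOC-KEY", "changeme"}
MIN_KEY_LEN = 32  # assumed policy: 16 random bytes, hex-encoded

# Constructed sample configurations (not taken from a real host).
WEAK_INI = """\
extension=spx.so
spx.http_enabled=1
spx.http_key="EXAMPLE-DOC-KEY"
spx.http_ip_whitelist="*"
"""
HARDENED_INI = """\
extension=spx.so
spx.http_enabled=1
spx.http_key="9f1c0b7a5d3e4f60812a7b6c5d4e3f21"  ; constructed random value
spx.http_ip_whitelist="127.0.0.1"
"""

def parse_spx(text):
    """Collect spx.* directives from php.ini text; the last assignment wins."""
    settings = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop ';' comments
        m = re.match(r'(spx\.[\w.]+)\s*=\s*"?([^"]*)"?$', line)
        if m:
            settings[m.group(1)] = m.group(2).strip()
    return settings

def audit_spx(text, weak_keys=WEAK_KEYS):
    """Return findings for an SPX web UI reachable with a guessable key."""
    s = parse_spx(text)
    if s.get("spx.http_enabled", "0").lower() not in ("1", "on", "true", "yes"):
        return []  # web UI disabled: no control panel to protect
    findings = []
    key = s.get("spx.http_key", "")
    if key in weak_keys:
        findings.append("http_key is a known default/example value")
    elif len(key) < MIN_KEY_LEN:
        findings.append("http_key shorter than %d characters" % MIN_KEY_LEN)
    allowed = [ip.strip() for ip in s.get("spx.http_ip_whitelist", "").split(",")]
    if "*" in allowed:
        findings.append("http_ip_whitelist allows every client address")
    return findings

if __name__ == "__main__":
    for name, ini in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(name, audit_spx(ini) or "no findings")
```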

Module preview

Concurrent Requests (1)

1. HTTP Request template: GET /?SPX_KEY={%api_key%...

Payloads: 1 payload list

Matching conditions (all must hold):

- word: <title>SPX Control Panel</title>, SPX_EN...
- word: text/html
- status: 200

Passive global matcher: No matching conditions.

On match action: Report vulnerability