Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

System Properties Exposure

By kannthu

Vidoc logoVidoc Module

What is the "System Properties Exposure?"

The "System Properties Exposure" module is designed to detect misconfigurations in system properties and environment variables. It targets software systems and checks for the presence of specific keywords in the HTTP response body. This module has a low severity level and was authored by DhiyaneshDk.


If a misconfiguration is detected, it could potentially expose sensitive system properties and environment variables. This could lead to unauthorized access, data leakage, or other security vulnerabilities.

How does the module work?

The "System Properties Exposure" module works by sending HTTP requests to the target system and analyzing the response. It checks for the presence of specific keywords, such as "System Properties:" and "Environment Variables:", in the response body. Additionally, it verifies that the HTTP response status is 200 (OK). If both conditions are met, the module reports a potential misconfiguration.

Here is an example of an HTTP request that the module might send:

GET / HTTP/1.1
User-Agent: Vidoc-Scanner

The module uses the following matching conditions:

- The response body must contain the keywords "System Properties:" and "Environment Variables:". - The HTTP response status must be 200 (OK).

By analyzing the HTTP response and matching these conditions, the module can identify potential misconfigurations related to system properties and environment variables.

Module preview

Concurrent Requests (0)
Passive global matcher
word: System Properties:, Environment Variable...and
status: 200
On match action
Report vulnerability