Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Tianqing Info Leak

By kannthu

Vidoc logoVidoc Module

What is the "Tianqing Info Leak?"

The "Tianqing Info Leak" module is designed to detect information leaks in the Tianqing software. It is a vulnerability detection module with a medium severity level. The original author of this module is ritikchaddha.


If the "Tianqing Info Leak" vulnerability is present, it can potentially expose sensitive information stored in the Tianqing software. This can lead to unauthorized access, data breaches, and other security risks.

How the module works?

The "Tianqing Info Leak" module works by sending an HTTP GET request to the "/api/dbstat/gettablessize" endpoint. It then applies several matching conditions to determine if the vulnerability exists:

- The response body must contain the words "schema_name", "table_name", and "table_size". - The response headers must include the word "application/json". - The HTTP status code must be 200.

If all of these conditions are met, the module identifies the presence of the "Tianqing Info Leak" vulnerability.

Example HTTP request:

GET /api/dbstat/gettablessize

Note: The above example is a simplified representation of the HTTP request. The actual request may contain additional headers or parameters.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: schema_name, table_name, table_sizeand
word: application/jsonand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability