
Tomcat Cookie Exposed

By kannthu

Low
Vidoc Module
#misconfig#apache#tomcat#exposure
Description

What is "Tomcat Cookie Exposed?"

The "Tomcat Cookie Exposed" module is designed to detect a misconfiguration in the Apache Tomcat server that exposes sensitive cookie information. This module targets instances of Tomcat that have a specific servlet called "CookieExample" enabled. The severity of this misconfiguration is classified as low.

This module was authored by tess and dk999.

Impact

If the "Tomcat Cookie Exposed" misconfiguration is present, it can potentially expose sensitive cookie data to unauthorized users. This can lead to various security risks, such as session hijacking or unauthorized access to user accounts.

How does the module work?

The "Tomcat Cookie Exposed" module works by sending a GET request to the "/examples/servlets/servlet/CookieExample" path on the target Tomcat server. It then checks for specific content in the response to determine if the misconfiguration is present.

The matching conditions for this module are as follows:

- The response must contain the phrases "Cookies Example" and "Your browser is sending the following cookies:"
- The response status code must be 200

If both conditions are met, the module will report the vulnerability.
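As an added illustration (not Vidoc's own module code), the check below reproduces the two matching conditions described above so an administrator can confirm that the Tomcat "examples" web application, including the CookieExample servlet, has been removed from a server they operate. The function names, the constructed sample responses and the User-Agent string are assumptions made for this example; the servlet path and the matched phrases are the ones stated on this page.

```python
"""Reproduce the "Tomcat Cookie Exposed" match logic (status 200 AND both
phrases present) against an HTTP response. Added example, not Vidoc code."""
import urllib.error
import urllib.request

# Values taken from the module description above.
SERVLET_PATH = "/examples/servlets/servlet/CookieExample"
REQUIRED_PHRASES = (
    "Cookies Example",
    "Your browser is sending the following cookies:",
)


def matches(status: int, body: str) -> bool:
    """Module semantics: the status must be 200 AND every phrase must occur.

    A 200 without both phrases (some other app mounted at /examples) or a
    404/403 after the examples webapp was removed is reported as not exposed.
    """
    return status == 200 and all(phrase in body for phrase in REQUIRED_PHRASES)


def check_host(base_url: str, timeout: float = 10.0) -> dict:
    """Fetch the servlet path on a host you administer and apply matches().

    One request is sent (the module's max-request is 1). Non-2xx responses
    are still evaluated so a 404 cleanly yields exposed=False.
    """
    url = base_url.rstrip("/") + SERVLET_PATH
    # Hypothetical User-Agent chosen for this example.
    req = urllib.request.Request(url, headers={"User-Agent": "tomcat-examples-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            status = resp.status
            body = resp.read().decode("utf-8", errors="replace")
    except urllib.error.HTTPError as err:
        status = err.code
        body = err.read().decode("utf-8", errors="replace")
    return {"url": url, "status": status, "exposed": matches(status, body)}


# Constructed sample responses for offline testing (not captured from any server).
SAMPLE_EXPOSED = (
    200,
    "<html><head><title>Cookies Example</title></head><body>"
    "Your browser is sending the following cookies:<br></body></html>",
)
SAMPLE_REMOVED = (404, "<html><body><h1>HTTP Status 404 - Not Found</h1></body></html>")
SAMPLE_OTHER_APP = (200, "<html><body>Welcome to our application</body></html>")
SAMPLE_PARTIAL = (200, "<html><title>Cookies Example</title></html>")  # only one phrase


if __name__ == "__main__":
    for name, (status, body) in {
        "exposed": SAMPLE_EXPOSED,
        "removed": SAMPLE_REMOVED,
        "other_app": SAMPLE_OTHER_APP,
        "partial": SAMPLE_PARTIAL,
    }.items():
        print(f"{name:10s} status={status} exposed={matches(status, body)}")
```

Run `check_host("https://tomcat.example.internal:8080")` against a server you own; the expected remediation is to remove the `examples` web application from the Tomcat `webapps` directory (Tomcat ships it for demonstration only) and re-run the check until `exposed` is `False`.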

Reference

- https://medium.com/bugbountywriteup/apache-example-servlet-leads-to-61a2720cac20

Metadata

max-request: 1

verified: true

Module preview

Concurrent Requests (1)

1. HTTP Request template: GET /examples/servlets/s...

Matching conditions (and):

- word: Cookies Example, Your browser is sending...
- status: 200

Passive global matcher: No matching conditions.

On match action: Report vulnerability