Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

TYPO3 Installer

By kannthu

Medium
Vidoc logoVidoc Module
#misconfig#typo3#install
Description

TYP03 Installer

What is the "TYPO3 Installer?"

The "TYPO3 Installer" module is designed to detect misconfigurations in TYPO3 CMS installations. TYPO3 CMS is an open-source content management system widely used for building websites and web applications. This module focuses on identifying vulnerabilities related to the installation process of TYPO3 CMS.

This module has a medium severity level, indicating that the detected misconfigurations could potentially lead to security issues if not addressed.

Author: DhiyaneshDk

Impact

The "TYPO3 Installer" module helps identify potential misconfigurations during the installation process of TYPO3 CMS. By detecting these misconfigurations, website administrators can take appropriate actions to secure their TYPO3 CMS installations and prevent potential security breaches.

How the module works?

The "TYPO3 Installer" module works by sending HTTP requests to the "/typo3/install.php" path of a target website. It then applies a series of matching conditions to determine if the TYPO3 CMS installation page is present and if the response status is 200 (OK).

Matching conditions:

- The module checks if the response body contains the HTML title tag "<title>Installing TYPO3 CMS</title>". - The module verifies if the response header includes the content type "text/html". - The module confirms if the response status is 200 (OK).

If all the matching conditions are met, the module reports a potential misconfiguration in the TYPO3 CMS installation process.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/typo3/install.php
Matching conditions
word: <title>Installing TYPO3 CMS</title>and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability