Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Webuzo Installer

By kannthu

High
Vidoc logoVidoc Module
#misconfig#webuzo#install#exposure
Description

Webuzo Installer Module

What is the "Webuzo Installer?"

The Webuzo Installer module is designed to detect vulnerabilities related to the Webuzo Installer software. Webuzo Installer is a control panel that simplifies the installation and management of web applications on servers. This module focuses on identifying misconfigurations and potential security risks associated with the Webuzo Installer.

Severity: High

Author: DhiyaneshDk

Impact

If a vulnerability is detected in the Webuzo Installer, it could potentially lead to unauthorized access, data breaches, or other security incidents. Attackers may exploit these vulnerabilities to gain control over the server or compromise the web applications installed through Webuzo Installer.

How the module works?

The Webuzo Installer module works by sending HTTP requests to the target server and analyzing the responses. It checks for specific conditions that indicate the presence of the Webuzo Installer and potential vulnerabilities. The module verifies the presence of the Webuzo Installer by matching specific words in the response body and headers, such as "Webuzo Installer" and "Webuzo Initial Setup". It also ensures that the response status is 200 (OK) and the content type is "text/html".

Example HTTP request:

GET /install.php

The module checks if the response contains the expected words, has a status of 200, and the content type is "text/html". If all conditions are met, the module reports a vulnerability.

Metadata:

- Verified: true

- Shodan query: title:"Webuzo Installer"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/install.php
Matching conditions
word: Webuzo Installer, Webuzo Initial Setupand
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability