Wordpress sym404 directory

What is the "Wordpress sym404 directory?" module?

The "Wordpress sym404 directory" module is designed to detect sensitive directories present in the sym404 of Wordpress websites. It targets the sym404 directory, which is a common location for misconfigurations and vulnerabilities. This module has a high severity level, indicating that it can potentially expose sensitive information or lead to further security issues if not addressed.

This module was authored by pussycat0x.

Impact

If the "Wordpress sym404 directory" module detects a misconfiguration or vulnerability, it can potentially expose sensitive directories within the sym404 of a Wordpress website. This can lead to unauthorized access, data leakage, or other security risks.

How does the module work?

The "Wordpress sym404 directory" module works by sending an HTTP GET request to the "/wp-includes/sym404/root/etc/passwd" path of the target Wordpress website. It then applies matching conditions to determine if the response contains sensitive information and if the request was successful (status code 200).

The matching conditions for this module are as follows:

- The response body must match the regular expression "root:.*:0:0:" - The response status code must be 200

If both conditions are met, the module considers the target website to have a potential misconfiguration or vulnerability in the sym404 directory.

It is important to note that this module is just one test case within the Vidoc platform, which utilizes multiple modules to perform comprehensive scanning and detection of Wordpress vulnerabilities, misconfigurations, and software fingerprints.

For more information, you can refer to the reference tweet by pussycat0x.

Metadata:

- max-request: 1 - verified: true - google-query: inurl:"/wp-includes/sym404/"