Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

zm-system-log-detect

By kannthu

Low
Vidoc logoVidoc Module
#logs#zm#exposure
Description

What is the "zm-system-log-detect" module?

The "zm-system-log-detect" module is designed to detect misconfigurations in the ZM (ZoneMinder) system log. ZM is a software application used for video surveillance and security purposes. This module focuses on identifying potential vulnerabilities in the system log, which can help prevent unauthorized access and data exposure. The severity of this module is classified as low, indicating that the identified issues may have a limited impact on the overall security of the system. The original author of this module is pussycat0x.

Impact

This module aims to identify misconfigurations in the ZM system log, which can potentially lead to security vulnerabilities. By detecting these issues, system administrators can take appropriate measures to mitigate the risks and ensure the integrity and confidentiality of the system log data.

How does the module work?

The "zm-system-log-detect" module utilizes HTTP request templates and matching conditions to identify misconfigurations in the ZM system log. It sends a GET request to the "/?view=log" and "/zm/?view=log" paths, expecting a response with a status code of 200 and the presence of the "" HTML tag. These matching conditions help determine if the system log page is accessible and properly configured.

By analyzing the response and matching conditions, the module can identify potential misconfigurations in the ZM system log. This information can then be used to report vulnerabilities and prompt appropriate actions to address the identified issues.

Example HTTP request:

GET /?view=log HTTP/1.1
Host: [target_host]

The matching conditions for this module include:

- Presence of the "" HTML tag - Response status code of 200

These conditions must be met for the module to consider the system log properly configured and free from potential vulnerabilities.

For more information, you can refer to the reference provided.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/?view=log/zm/?view=log
Matching conditions
word: <title>ZM - System Log</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability