id: exposed-authentication-asmx info: name: Exposed Authentication.asmx author: DhiyaneshDk severity: low reference: https://www.exploit-db.com/ghdb/6604 tags: config,exposure requests: - method: GET path: - "{{BaseURL}}/_vti_bin/Authentication.asmx?op=Mode" matchers-condition: and matchers: - type: word words: - "Authentication Web Service" part: body - type: status status: - 200