Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Adobe AEM CRX Package Manager - Panel Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#aem#adobe
Description

What is the "Adobe AEM CRX Package Manager - Panel Detect" module?

The "Adobe AEM CRX Package Manager - Panel Detect" module is designed to detect the presence of the Adobe Experience Manager (AEM) CRX Package Manager panel. AEM is a content management system that allows users to create, manage, and deliver digital experiences across various channels.

This module focuses on identifying the specific panel within AEM that is responsible for managing CRX packages. The severity of this detection is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by dhiyaneshDk.

Impact

The detection of the Adobe AEM CRX Package Manager panel does not directly impact the security or functionality of the system. However, it can provide insights into the presence of this specific component within an AEM installation.

How does the module work?

The module works by sending an HTTP GET request to the "/crx/packmgr/index.jsp" path of the target system. It then applies a series of matching conditions to determine if the response indicates the presence of the CRX Package Manager panel.

The matching conditions include:

- Checking if the response body contains the HTML title tag "<title>CRX Package Manager</title>". - Verifying that the response header includes the content type "text/html". - Ensuring that the response status code is 200 (OK).

If all of these conditions are met, the module reports a successful detection of the Adobe AEM CRX Package Manager panel.

For more information, you can refer to the reference source provided.

Metadata:

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/crx/packmgr/index.j...
Matching conditions
word: <title>CRX Package Manager</title>and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability