Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Ansible Semaphore Panel Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#ansible#semaphore#cicd#oss
Description

What is the "Ansible Semaphore Panel Detect" module?

The "Ansible Semaphore Panel Detect" module is designed to detect the presence of an Ansible Semaphore login panel. Ansible Semaphore is an open-source web-based tool for managing Ansible projects and workflows. This module focuses on identifying the login panel of Ansible Semaphore instances.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by Yuzhe-zhang-0.

Impact

This module does not have a direct impact as it is an informative module. It does not indicate any vulnerabilities or misconfigurations. Instead, it provides information about the presence of an Ansible Semaphore login panel.

How does the module work?

The "Ansible Semaphore Panel Detect" module works by sending an HTTP GET request to the "/auth/login" path of the target website. It then applies two matching conditions to determine if the Ansible Semaphore login panel is present.

The first matching condition checks if the response contains the HTML title tag "". If this condition is met, it indicates that the login panel is present.

The second matching condition uses a regular expression to search for the HTML title tag "". If this condition is met, it further confirms the presence of the Ansible Semaphore login panel.

Both matching conditions are combined using the "or" logical operator, meaning that if either condition is met, the module will consider the login panel to be detected.

It's important to note that this module only detects the presence of the login panel and does not perform any further actions or provide additional information about the panel's configuration or vulnerabilities.

For more information about Ansible Semaphore, you can visit the official website https://ansible-semaphore.com/ and the GitHub repository https://github.com/ansible-semaphore/semaphore.

Metadata:

- max-request: 1

- shodan-query: http.html:"Semaphore</title>"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/auth/login
Matching conditions
word: <title>Ansible Semaphore</title>or
regex: <title(.*)>Semaphore</title>
Passive global matcher
No matching conditions.
On match action
Report vulnerability