By kannthu
The "Apache Tomcat Manager Login Panel - Detect" module is designed to detect the presence of the Apache Tomcat Manager login panel. Apache Tomcat is an open-source web server and servlet container that is widely used for hosting Java-based web applications. The Tomcat Manager login panel is a web interface that allows administrators to manage and monitor Tomcat instances.
This module focuses on detecting the presence of the Tomcat Manager login panel, which can be an indication of potential security risks if not properly secured. The severity of this module is classified as informative, meaning it provides valuable information about the presence of the login panel but does not directly indicate a vulnerability or misconfiguration.
This module was authored by Ahmed Sherif, geeknik, and sinKettu.
The presence of the Apache Tomcat Manager login panel can pose security risks if it is accessible without proper authentication or if it is misconfigured. Unauthorized access to the Tomcat Manager can allow attackers to gain control over the server, deploy malicious applications, or manipulate server configurations.
The module works by sending HTTP requests to specific paths associated with the Tomcat Manager login panel, namely "/manager/html" and "/host-manager/html". It then applies matching conditions to determine if the panel is present.
The matching conditions used in this module are:
- Response Word Match: The module checks if the response contains the words "Apache Tomcat" or "Tomcat Manager". This helps identify if the page is related to the Tomcat Manager login panel.
- Status Code Match: The module checks if the response status code is either 401 (Unauthorized) or 200 (OK). This helps identify if the panel is accessible or protected by authentication.

By combining these matching conditions, the module can determine if the Apache Tomcat Manager login panel is present and accessible.
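
The matching logic described above, written out as an added example (not the module's own code) and run offline over constructed responses. It assumes the word match is a case-sensitive substring test and that the word and status conditions must both hold; the `Response` type, the verdict labels and the sample bodies are illustrative.

```python
from dataclasses import dataclass

# Values taken from the module description above.
PATHS = ("/manager/html", "/host-manager/html")
WORDS = ("Apache Tomcat", "Tomcat Manager")
STATUSES = (401, 200)


@dataclass
class Response:
    path: str
    status: int
    body: str


def matches(resp: Response) -> bool:
    """True when both conditions hold (assumed AND between the two matchers)."""
    word_hit = any(w in resp.body for w in WORDS)   # words are OR-ed
    status_hit = resp.status in STATUSES
    return resp.path in PATHS and word_hit and status_hit


def classify(resp: Response) -> str:
    """Map a response to a triage verdict for an asset inventory."""
    if not matches(resp):
        return "not-detected"
    # 401: panel present and asking for credentials. 200: page served directly.
    return "protected" if resp.status == 401 else "accessible"


# Constructed sample responses (not captured from any real host).
SAMPLES = [
    Response("/manager/html", 401, "<h1>401 Unauthorized</h1> Tomcat Manager Application"),
    Response("/host-manager/html", 200, "<h1>Virtual Host Manager</h1> Apache Tomcat"),
    Response("/manager/html", 404, "<h3>Apache Tomcat</h3> Not Found"),   # words, wrong status
    Response("/manager/html", 200, "<h1>Welcome</h1>"),                    # catch-all 200 page
    Response("/manager/html", 403, "Access Denied - Tomcat Manager"),      # blocked, not reported
]


def triage(responses):
    """Return (path, status, verdict) for each response."""
    return [(r.path, r.status, classify(r)) for r in responses]


if __name__ == "__main__":
    for path, status, verdict in triage(SAMPLES):
        print(f"{status} {path:<20} {verdict}")
```

The 403 sample shows a limit of the conditions as described: a panel that answers with a status other than 401 or 200 is not reported, so a clean result does not confirm the panel is absent.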