
Apache Tomcat Manager Login Panel - Detect

By kannthu

Informative
Vidoc Module
#panel #tomcat #apache
Description

What is "Apache Tomcat Manager Login Panel - Detect"?

The "Apache Tomcat Manager Login Panel - Detect" module is designed to detect the presence of the Apache Tomcat Manager login panel. Apache Tomcat is an open-source web server and servlet container that is widely used for hosting Java-based web applications. The Tomcat Manager login panel is a web interface that allows administrators to manage and monitor Tomcat instances.

This module focuses on detecting the presence of the Tomcat Manager login panel, which can be an indication of potential security risks if not properly secured. The severity of this module is classified as informative, meaning it provides valuable information about the presence of the login panel but does not directly indicate a vulnerability or misconfiguration.

This module was authored by Ahmed Sherif, geeknik, and sinKettu.

Impact

The presence of the Apache Tomcat Manager login panel can pose security risks if it is accessible without proper authentication or if it is misconfigured. Unauthorized access to the Tomcat Manager can allow attackers to gain control over the server, deploy malicious applications, or manipulate server configurations.

How does the module work?

The module works by sending HTTP requests to specific paths associated with the Tomcat Manager login panel, namely "/manager/html" and "/host-manager/html". It then applies matching conditions to determine if the panel is present.

The matching conditions used in this module are:

- Response Word Match: The module checks if the response contains the words "Apache Tomcat" or "Tomcat Manager". This helps identify if the page is related to the Tomcat Manager login panel.
- Status Code Match: The module checks if the response status code is either 401 (Unauthorized) or 200 (OK). This helps identify if the panel is accessible or protected by authentication.

By combining these matching conditions, the module can determine if the Apache Tomcat Manager login panel is present and accessible.
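
The matching logic described above, written out as an added Python example (not the Vidoc module's own code) for checking a Tomcat instance you administer. The function names, the reading of 401 as "protected" and 200 as "accessible", and the sample responses are assumptions made for illustration.

```python
import urllib.error
import urllib.request

PATHS = ("/manager/html", "/host-manager/html")  # paths named on this page
WORDS = ("Apache Tomcat", "Tomcat Manager")      # word matcher: either word
STATUSES = (401, 200)                            # status matcher


def matches(status, body):
    """Both conditions must hold: a listed status AND any listed word."""
    return status in STATUSES and any(w in body for w in WORDS)


def classify(status):
    """Assumed reading of the status: 401 is protected, 200 is open."""
    return "protected by authentication" if status == 401 else "accessible"


def fetch(base_url, path, timeout=5):
    """Return (status, body). urllib raises HTTPError on 401, so read it there."""
    url = base_url.rstrip("/") + path
    try:
        with urllib.request.urlopen(url, timeout=timeout) as r:
            return r.status, r.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as e:
        return e.code, e.read().decode("utf-8", "replace")


def evaluate(responses):
    """responses: {path: (status, body)} -> list of (path, status, meaning)."""
    return [(p, s, classify(s)) for p, (s, b) in responses.items() if matches(s, b)]


def check_host(base_url):
    """Run both requests against one host and apply the matchers."""
    return evaluate({p: fetch(base_url, p) for p in PATHS})


# Constructed sample responses (not captured from a real server).
SAMPLE = {
    "/manager/html": (401, "<html><title>401 Unauthorized</title>"
                           "<body>Tomcat Manager Application</body></html>"),
    "/host-manager/html": (404, "<html><h1>HTTP Status 404</h1>"
                                "Apache Tomcat</html>"),
}

if __name__ == "__main__":
    for path, status, meaning in evaluate(SAMPLE):
        print(f"{path}: HTTP {status}, panel {meaning}")
```

The second sample response contains a matching word but returns 404, so it is not reported: the word match alone is not enough.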

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /manager/html, /host-manager/html
Matching conditions
word: Apache Tomcat, Tomcat Manager
and
status: 401, 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability