Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Avigilon Login Panel - Detect

By kannthu

informative
Vidoc logoVidoc Module
#panel#avigilon
Description

Avigilon Login Panel - Detect

What is the "Avigilon Login Panel - Detect?"

The "Avigilon Login Panel - Detect" module is designed to detect the presence of the Avigilon login panel. Avigilon Control Center is a software platform used for video management and analytics. This module focuses on identifying the login panel, which is an essential component of the Avigilon Control Center Gateway.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by robotshell.

Impact

This module does not have a direct impact on the system or network being scanned. It simply detects the presence of the Avigilon login panel, providing information about the software being used.

How does the module work?

The "Avigilon Login Panel - Detect" module works by sending an HTTP GET request to the "/cfg/login" path. It then applies a series of matching conditions to determine if the Avigilon login panel is present.

The matching conditions include:

- Checking the response body for the presence of the login panel's title tag: "<title>Login - Avigilon Control Center Gateway</title>" or "<title>Iniciar sesión - Puerta de enlace de Avigilon Control Center</title>". - Verifying that the response header contains the word "text/html". - Ensuring that the response status code is 200 (OK).

If all of these conditions are met, the module reports a successful detection of the Avigilon login panel.

Example HTTP request:

GET /cfg/login

Note: The actual JSON definitions of the module are not shown here for simplicity.

Concurrent Requests (1)
1. HTTP Request template
GET/cfg/login
Matching conditions
word: <title>Login - Avigilon Control Center G...and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability