AWS OpenSearch Login - Detect

What is "AWS OpenSearch Login - Detect"?

The "AWS OpenSearch Login - Detect" module is designed to detect the presence of the AWS OpenSearch login page. It is a module used in the Vidoc platform to perform scanning and identify potential misconfigurations or vulnerabilities related to the login functionality of AWS OpenSearch. The severity of this module is classified as informative.

This module was authored by Higor Melgaço (eremit4).

Impact

The detection of the AWS OpenSearch login page can provide insights into the configuration and security of the login functionality. It can help identify potential weaknesses or misconfigurations that may impact the overall security of the AWS OpenSearch deployment.

How does the module work?

The "AWS OpenSearch Login - Detect" module works by sending an HTTP GET request to the "/_dashboards/app/login" path of the target. It then applies matching conditions to determine if the login page is present.

The matching conditions used in this module are:

- Status: The response status code must be 200. - Content: The response body must contain the phrase "Please login to OpenSearch Dashboards".

If both matching conditions are met, the module considers the AWS OpenSearch login page to be detected.

Example HTTP request:

GET /_dashboards/app/login

For more information about AWS OpenSearch, you can refer to the official AWS OpenSearch documentation.

Metadata:

- Max Request: 1