BookStack Login Panel - Detect

What is the "BookStack Login Panel - Detect?"

The "BookStack Login Panel - Detect" module is designed to detect the presence of the BookStack login panel. BookStack is a software that allows users to create and manage documentation. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: cyllective, daffainfo

Impact

This module does not have any direct impact on the system. It simply detects the presence of the BookStack login panel, providing information about its existence.

How does the module work?

The module works by sending an HTTP GET request to the "/login" path. It then applies several matching conditions to determine if the BookStack login panel is present:

- The response body must contain the HTML title tag "<title>BookStack</title>" or the span tag with the class "logo-text" containing the text "BookStack". - The response header must include the "Set-Cookie: bookstack_session" field. - The response status code must be 200.

If all of these conditions are met, the module reports the detection of the BookStack login panel.

Reference:

- https://github.com/BookStackApp/BookStack

Metadata:

max-request: 1

shodan-query: http.title:"BookStack"