Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "BookStack Login Panel - Detect" module is designed to detect the presence of the BookStack login panel. BookStack is a software that allows users to create and manage documentation. This module focuses on identifying the login panel specifically.
This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.
Author: cyllective, daffainfo
This module does not have any direct impact on the system. It simply detects the presence of the BookStack login panel, providing information about its existence.
The module works by sending an HTTP GET request to the "/login" path. It then applies several matching conditions to determine if the BookStack login panel is present:
- The response body must contain the HTML title tag "<title>BookStack</title>
" or the span tag with the class "logo-text" containing the text "BookStack".
- The response header must include the "Set-Cookie: bookstack_session" field.
- The response status code must be 200.
If all of these conditions are met, the module reports the detection of the BookStack login panel.
Reference:
- https://github.com/BookStackApp/BookStack
Metadata:
max-request: 1
shodan-query: http.title:"BookStack"