Dgraph Ratel Dashboard Exposure Panel - Detect

By kannthu

Informative
Vidoc Module
#exposure #unauth #panel
Description

What is "Dgraph Ratel Dashboard Exposure Panel - Detect"?

The "Dgraph Ratel Dashboard Exposure Panel - Detect" module is designed to detect the presence of the Dgraph Ratel Dashboard exposure panel. Dgraph Ratel Dashboard is a software interface used for interacting with the Dgraph database. This module focuses on identifying potential misconfigurations or vulnerabilities in the Ratel Dashboard.

This module has an informative severity level, meaning it provides valuable information about the exposure panel but does not indicate an immediate security threat.

Author: dhiyaneshDk

Impact

The exposure panel in the Dgraph Ratel Dashboard can potentially lead to unauthorized access or information disclosure. If misconfigured or left exposed, it may allow attackers to gain access to sensitive data or perform unauthorized actions within the database.

How does the module work?

The module works by sending an HTTP GET request to the target URL with the path "/?dev". It then applies matching conditions to determine if the Ratel Dashboard exposure panel is present.

The matching conditions include:

- Checking the response body for specific words, such as "Choose a version of the Ratel interface" and "".
- Verifying that the response header contains the word "text/html".

If both conditions are met, the module identifies the presence of the Dgraph Ratel Dashboard exposure panel.

Example HTTP request:

GET /?dev

Note: The above example is a simplified representation of the HTTP request used by the module.
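The two matchers described above, combined with AND and run over constructed responses, as an added example that is not the module's own code. The function names, the sample responses and the case-insensitive header comparison are assumptions of this example; the module's second body word is elided on this page, so only the visible phrase is checked.

```python
"""Re-implementation of the two matchers for auditing hosts you operate (added example)."""
import urllib.request

PROBE_PATH = "/?dev"  # path the module requests
# Only the phrase visible on the page; the second body word is elided there,
# so this check is slightly less strict than the module itself.
BODY_WORDS = ["Choose a version of the Ratel interface"]
HEADER_WORD = "text/html"


def matches_ratel_panel(raw_headers: str, body: str) -> bool:
    """AND of both matchers: every body word present and the header word present."""
    body_ok = all(word in body for word in BODY_WORDS)
    # Assumption of this example: compare headers case-insensitively.
    header_ok = HEADER_WORD in raw_headers.lower()
    return body_ok and header_ok


def audit(base_url: str, timeout: float = 5.0) -> bool:
    """Request /?dev on a host from your own inventory and apply the matchers."""
    url = base_url.rstrip("/") + PROBE_PATH
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        headers = str(resp.headers)
        body = resp.read(65536).decode("utf-8", errors="replace")
    return matches_ratel_panel(headers, body)


# Constructed sample responses (not captured from a real server).
SAMPLES = {
    "panel": ("Content-Type: text/html; charset=utf-8\r\n",
              "<html><body>Choose a version of the Ratel interface</body></html>"),
    # Body phrase present but wrong content type: the AND condition rejects it.
    "json_api": ("Content-Type: application/json\r\n",
                 '{"msg": "Choose a version of the Ratel interface"}'),
    "other_site": ("Content-Type: text/html\r\n",
                   "<html><body>Welcome</body></html>"),
}


def classify_samples() -> dict:
    """Apply the matchers to every constructed sample."""
    return {name: matches_ratel_panel(h, b) for name, (h, b) in SAMPLES.items()}


if __name__ == "__main__":
    for name, hit in classify_samples().items():
        print(f"{name}: {'panel detected' if hit else 'no match'}")
```

A match only shows that the Ratel version chooser is reachable without authentication at that address; whether that is acceptable depends on where the host sits and what Dgraph instance it can reach.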

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /?dev
Matching conditions
word: Choose a version of the Ratel interface,...and
word: text/html
Passive global matcher
No matching conditions.
On match action
Report vulnerability