Dotclear Admin Login Panel - Detect

What is the "Dotclear Admin Login Panel - Detect" module?

The "Dotclear Admin Login Panel - Detect" module is designed to detect the presence of the Dotclear admin login panel. Dotclear is a popular content management system (CMS) used for creating and managing websites. This module focuses on identifying the login panel specifically, which can be useful for security auditing and vulnerability assessment.

The severity of this module is classified as informative, meaning it provides valuable information but does not directly indicate a vulnerability or misconfiguration.

This module was authored by pikpikcu and daffainfo.

Impact

The impact of detecting the Dotclear admin login panel is primarily informational. It does not indicate any immediate security risks or vulnerabilities. However, it can be a starting point for further analysis and assessment of the website's security posture.

How does the module work?

The module works by sending HTTP requests to specific paths associated with the Dotclear admin login panel. It checks for two matching conditions:

- The response body contains the HTML elements "<body id="dotclear-admin" class="auth">" and "<title>Dotclear</title>". - The response status code is 200 (OK).

If both conditions are met, the module considers the Dotclear admin login panel to be present.

Here is an example of an HTTP request that the module may send:

GET /dc2/admin/auth.php HTTP/1.1
Host: example.com

The module then evaluates the response based on the matching conditions mentioned above.