Drone CI Login Panel - Detect

What is the "Drone CI Login Panel - Detect" module?

The "Drone CI Login Panel - Detect" module is designed to detect the presence of the Drone CI login panel. Drone CI is a popular continuous integration (CI) platform used for automating software testing and deployment processes. This module specifically focuses on identifying any misconfigurations or vulnerabilities related to the login panel.

This module has an informative severity level, which means it provides valuable information without indicating a critical security issue.

Impact

The impact of this module is primarily informational. It helps users identify potential security weaknesses or misconfigurations in their Drone CI login panel. By detecting these issues, users can take appropriate actions to enhance the security and reliability of their CI environment.

How the module works?

The "Drone CI Login Panel - Detect" module utilizes HTTP request templates and matching conditions to identify the presence of the Drone CI login panel. It sends a GET request to the "/welcome" path and checks for specific response conditions.

The matching conditions for this module include:

- Title Match: The module checks if the response contains either "<title>Drone CI</title>" or "<title>Drone | Continuous Integration</title>". This ensures that the response includes the expected title tags related to Drone CI. - Status Code: The module verifies that the response has a status code of 200, indicating a successful request.

By evaluating these conditions, the module determines whether the Drone CI login panel is present or not.