Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Druid Monitor Login Panel - Detect" module is designed to detect the presence of the Druid Monitor login panel. Druid Monitor is a software used for monitoring and managing Apache Druid, an open-source distributed data store. This module focuses on identifying the login panel, which can help in assessing the security posture of the system.
This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.
Author: pikpikcu, daffainfo
The detection of the Druid Monitor login panel does not directly imply any impact. However, it can be an indication that the login panel is accessible and potentially exposed to unauthorized access. Further investigation is recommended to ensure proper security measures are in place.
The "Druid Monitor Login Panel - Detect" module works by sending an HTTP GET request to the "/druid/login.html" path. It then applies two matching conditions to determine if the login panel is present:
- The module checks if the response body contains the HTML title tag "<title>druid monitor</title>
".
- The module verifies that the response status code is 200 (OK).
If both conditions are met, the module reports a successful detection of the Druid Monitor login panel.
Example HTTP request:
GET /druid/login.html
Matching conditions:
- Response body must contain the HTML title tag "<title>druid monitor</title>
".
- Response status code must be 200 (OK).