Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Ektron CMS Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#ektron#cms
Description

What is the "Ektron CMS Login Panel - Detect?" module?

The "Ektron CMS Login Panel - Detect" module is a test case designed to detect the presence of the Ektron CMS login panel. Ektron CMS is a content management system used for building and managing websites. This module focuses on identifying the login panel specifically.

This module is classified as informative, meaning it provides information about the presence of the login panel but does not indicate any vulnerabilities or misconfigurations.

Author: pikpikcu

Impact

The impact of this module is limited to providing information about the existence of the Ektron CMS login panel. It does not indicate any security vulnerabilities or potential risks associated with the login panel.

How does the module work?

The "Ektron CMS Login Panel - Detect" module works by sending HTTP requests and analyzing the responses to determine if the Ektron CMS login panel is present. It uses specific matching conditions to identify the login panel.

Matching conditions:

- The module checks the response body for the presence of certain keywords, including "EktronClientManager," "ektronTheme," and "Ektron.ready." If any of these keywords are found, it indicates the presence of the login panel. - The module also verifies that the HTTP response status code is 200, indicating a successful request. This condition ensures that the login panel is accessible.

Example HTTP request:

GET /login HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36

Note: The above example is a simplified representation of an HTTP request and may not reflect the exact request used by the module.

By analyzing the response body and status code, the module can determine if the Ektron CMS login panel is present on the target website.

Module preview

Concurrent Requests (0)
Passive global matcher
word: EktronClientManager, ektronTheme, Ektron...and
status: 200
On match action
Report vulnerability