GeoServer Login Panel - Detect

What is the "GeoServer Login Panel - Detect?"

The "GeoServer Login Panel - Detect" module is designed to detect the presence of the GeoServer login panel. GeoServer is an open-source server that allows users to share and edit geospatial data. This module focuses on identifying the login panel specifically.

This module is classified as informative, meaning it provides valuable information but does not indicate any immediate security vulnerabilities or misconfigurations.

Author: ritikchaddha

Impact

This module does not have any direct impact on the target system. It simply detects the presence of the GeoServer login panel, providing information about the software being used.

How does the module work?

The module works by sending an HTTP GET request to the target system's "/web/geoserver/web/" path. It then applies two matching conditions to determine if the GeoServer login panel is present:

- The module checks if the response body contains the HTML title tag "<title>GeoServer: Welcome</title>". - The module verifies that the response status code is 200 (OK).

If both conditions are met, the module reports that the GeoServer login panel has been detected.

Metadata:

- Max-request: 2 - Verified: true - Shodan-query: title:"GeoServer"