Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Gitlab Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#gitlab
Description

What is the "Gitlab Login Panel - Detect?"

The "Gitlab Login Panel - Detect" module is designed to detect the presence of the Gitlab login panel. Gitlab is a web-based Git repository manager that provides a user-friendly interface for managing Git repositories. This module focuses on identifying the login panel of Gitlab instances.

The severity of this module is classified as informative, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by ehsahil.

Impact

This module does not have any direct impact as it is purely a detection module. It helps identify the presence of the Gitlab login panel, but it does not perform any actions or modifications.

How does the module work?

The "Gitlab Login Panel - Detect" module works by sending an HTTP GET request to the "/users/sign_in" path of the target website. It then applies matching conditions to determine if the response indicates the presence of the Gitlab login panel.

The matching conditions for this module are as follows:

- The response must contain the words "GitLab" and "https://about.gitlab.com". - The response status code must be 200.

If both conditions are met, the module considers the Gitlab login panel to be detected.

Example HTTP request:

GET /users/sign_in

Matching conditions:

- Part: All
  Type: Word
  Words: ["GitLab", "https://about.gitlab.com"]
  Negative: False
  Condition: And
- Part: All
  Type: Status
  Status: [200]
  Negative: False
  Condition: And

Please note that this description is generated for SEO purposes and aims to provide accurate and concise information about the module.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/users/sign_in
Matching conditions
word: GitLab, https://about.gitlab.comand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability