Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Gophish Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#gophish
Description

What is the "Gophish Login Panel - Detect" module?

The "Gophish Login Panel - Detect" module is designed to detect the presence of the Gophish login panel. Gophish is a software platform used for simulating phishing attacks and testing the security awareness of individuals and organizations. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by dhiyaneshDK.

Impact

The impact of detecting the Gophish login panel is primarily informational. It indicates the presence of the login panel, but does not provide any specific details about vulnerabilities or misconfigurations.

How does the module work?

The module works by sending an HTTP GET request to the "/login" path of the target website. It then applies two matching conditions to determine if the Gophish login panel is present:

- The module checks if the response contains the HTML title tag "<title>Gophish - Login</title>". - The module also checks if the response status code is 200, indicating a successful request.

If both conditions are met, the module reports the detection of the Gophish login panel.

Example HTTP request:

GET /login

The module's matching conditions:

- Condition 1: The response must contain the HTML title tag "<title>Gophish - Login</title>". - Condition 2: The response status code must be 200.

Note: The module's JSON definition is not shown here for simplicity.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login
Matching conditions
word: <title>Gophish - Login</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability