Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Hestia Control Panel Login - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#hestia#detect
Description

What is the "Hestia Control Panel Login - Detect" module?

The "Hestia Control Panel Login - Detect" module is designed to detect the presence of the Hestia Control Panel login page. Hestia Control Panel is a web hosting control panel that allows users to manage their websites and server settings. This module focuses on identifying the login page of the Hestia Control Panel.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: JustaAcat

Impact

This module does not have a direct impact on the system or application being scanned. It simply detects the presence of the Hestia Control Panel login page, providing information about its existence.

How does the module work?

The module works by sending an HTTP GET request to the "/login/" path of the target website. It then applies two matching conditions to determine if the Hestia Control Panel login page is present.

The first matching condition checks the response body for the presence of specific words, such as "Hestia Control Panel" and "Welcome to Hestia Control". If any of these words are found, the condition is considered a match.

The second matching condition verifies that the HTTP response status is 200, indicating a successful request. Both matching conditions must be met for the module to consider the login page detected.

Example HTTP request:

GET /login/ HTTP/1.1
Host: [target website]

Matching conditions:

- The response body contains either "Hestia Control Panel" or "Welcome to Hestia Control". - The HTTP response status is 200.

Note: The module definition provided in the JSON format contains additional technical details and metadata, but those are not necessary for understanding the module's functionality.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login/
Matching conditions
word: Hestia Control Panel, Welcome to Hestia ...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability