HighMail Admin Login Panel - Detect

What is the "HighMail Admin Login Panel - Detect?"

The "HighMail Admin Login Panel - Detect" module is designed to detect the presence of the HighMail admin login panel. HighMail is a software that provides an admin panel for managing email accounts. This module focuses on identifying the login panel and does not perform any further actions. The severity of this module is classified as informative, meaning it provides valuable information but does not pose a direct security risk. The original author of this module is ritikchaddha.

Impact

This module does not have any direct impact as it only detects the presence of the HighMail admin login panel. However, the information obtained from this detection can be used to assess the security posture of the HighMail installation and potentially identify any misconfigurations or vulnerabilities.

How does the module work?

The module works by sending an HTTP GET request to the "/login" path of the target website. It then applies two matching conditions to determine if the HighMail admin login panel is present:

- Matcher 1: It checks if the response body contains the word "HighMail". - Matcher 2: It verifies if the response status code is 200 (OK).

If both matching conditions are met, the module considers the HighMail admin login panel to be detected.

Example HTTP request:

GET /login

The module does not perform any further actions beyond detecting the login panel.