Hybris Management Console Login Panel - Detect

What is the "Hybris Management Console Login Panel - Detect?"

The "Hybris Management Console Login Panel - Detect" module is designed to detect the presence of the Hybris Management Console login panel. Hybris Management Console is a software used for managing and administering SAP Hybris Commerce applications. This module focuses on identifying potential misconfigurations or vulnerabilities related to the login panel.

This module has an informative severity level, which means it provides valuable information but does not indicate a critical security issue.

Author: dogasantos

Impact

The detection of the Hybris Management Console login panel does not directly indicate any impact or vulnerability. However, it can be an important step in identifying potential security risks or misconfigurations within the Hybris Management Console.

How does the module work?

The module works by sending HTTP requests to specific paths associated with the Hybris Management Console, such as "/hmc/hybris" and "/hybris/hmc/hybris". It then applies matching conditions to the response body to determine if the phrase "Hybris Management Console" is present.

For example, one of the HTTP requests sent by this module could be:

GET /hmc/hybris

The module uses a word matcher to check if the response body contains the phrase "Hybris Management Console". If a match is found, the module reports the detection of the login panel.

It's important to note that this module only performs detection and does not perform any active exploitation or modification of the target system.

Metadata: max-request: 2