Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

IBM MQ Web Console Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#ibm
Description

What is the "IBM MQ Web Console Login Panel - Detect?"

The "IBM MQ Web Console Login Panel - Detect" module is designed to detect the presence of the IBM MQ Web Console login panel. This module focuses on identifying potential misconfigurations or vulnerabilities related to the login panel of the IBM MQ Web Console. The severity of this module is classified as informative, meaning it provides valuable information without indicating a critical security issue. The original author of this module is righettod.

Impact

This module does not directly impact the security of the IBM MQ Web Console. Instead, it serves as a detection mechanism to identify the presence of the login panel. The results of this module can be used to assess the configuration and potential vulnerabilities of the IBM MQ Web Console.

How does the module work?

The "IBM MQ Web Console Login Panel - Detect" module operates by sending an HTTP GET request to the "/ibmmq/console/login.html" path of the target. It then applies two matching conditions to determine if the login panel is present:

- Matcher 1: It checks if the response body contains the HTML title tag "<title>MQ Console</title>". - Matcher 2: It verifies if the HTTP response status code is 200 (OK).

If both matching conditions are met, the module reports a successful detection of the IBM MQ Web Console login panel.

For more information about the IBM MQ Web Console, you can refer to the official documentation.

Metadata: max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/ibmmq/console/login...
Matching conditions
word: <title>MQ Console</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability