Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

IBM WebSphere Application Server Community Edition Admin Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#websphere#panel#ibm
Description

What is the "IBM WebSphere Application Server Community Edition Admin Login Panel - Detect?"

The "IBM WebSphere Application Server Community Edition Admin Login Panel - Detect" module is designed to detect the presence of the admin login panel for IBM WebSphere Application Server Community Edition. This module focuses on detecting misconfigurations related to the admin login panel.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or security risk.

Impact

This module does not have a direct impact on the target system. It is purely focused on detecting the presence of the admin login panel and does not perform any actions beyond that.

How the module works?

The module sends an HTTP GET request to the "/console" path of the target system. It then applies two matching conditions to determine if the admin login panel is present.

The first matching condition checks the response body for specific words, including "Administrative Console Login" and "Log in to the Administrative Console". If any of these words are found, the condition is considered a match.

The second matching condition verifies that the HTTP response status is 200, indicating a successful request. If the status is 200, the condition is considered a match.

Both matching conditions must be met for the module to detect the admin login panel.

It's important to note that this module only detects the presence of the admin login panel and does not perform any further actions or exploit any vulnerabilities.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/console
Matching conditions
word: Administrative Console Login, Log in to ...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability