Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

JBoss jBPM Administration Console Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#jboss#panel#login
Description

What is the "JBoss jBPM Administration Console Login Panel - Detect?"

The "JBoss jBPM Administration Console Login Panel - Detect" module is designed to detect the presence of the JBoss jBPM Administration Console login panel. This module targets the JBoss jBPM Administration Console, which is a web-based interface used for managing and administering jBPM (Java Business Process Management) applications.

This module has an informative severity level, meaning it provides information about the presence of the login panel without indicating any specific vulnerabilities or misconfigurations.

This module was authored by DhiyaneshDK.

Impact

The detection of the JBoss jBPM Administration Console login panel does not directly imply any impact or risk. It simply indicates the presence of the login panel, which may be used for accessing and managing jBPM applications.

How does the module work?

The "JBoss jBPM Administration Console Login Panel - Detect" module works by sending an HTTP GET request to the "/jbpm-console/app/tasks.jsf" path. It then applies two matching conditions to determine if the JBoss jBPM Administration Console login panel is present:

    - The module checks the response body for the presence of the phrase "JBoss jBPM Administration Console". This is done using a word matcher. - The module verifies that the response status code is 200, indicating a successful request.

If both matching conditions are met, the module reports the detection of the JBoss jBPM Administration Console login panel.

Example HTTP request:

GET /jbpm-console/app/tasks.jsf

The module then checks the response body for the phrase "JBoss jBPM Administration Console" and ensures that the response status code is 200.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/jbpm-console/app/ta...
Matching conditions
word: JBoss jBPM Administration Consoleand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability