Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Jeedom Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#jeedom#login
Description

What is the "Jeedom Login Panel - Detect" module?

The "Jeedom Login Panel - Detect" module is a test case designed to detect the presence of the Jeedom login panel. Jeedom is a software platform used for home automation. This module focuses on identifying the login panel specifically.

The severity of this module is classified as informative, meaning it provides information about the presence of the login panel but does not indicate any immediate vulnerabilities or misconfigurations.

This module was authored by pikpikcu and daffainfo.

Impact

The impact of this module is limited to providing information about the existence of the Jeedom login panel. It does not indicate any security vulnerabilities or misconfigurations.

How does the module work?

The "Jeedom Login Panel - Detect" module works by sending an HTTP GET request to the "/index.php?v=d" path of the target website. It then applies two matching conditions to determine if the Jeedom login panel is present.

The first matching condition checks the response body for the presence of the "" and "JEEDOM_PRODUCT_NAME" keywords. If both keywords are found, it indicates the presence of the Jeedom login panel.

The second matching condition verifies that the HTTP response status is 200, indicating a successful request.

Here is an example of the HTTP request sent by the module:

GET /index.php?v=d

The module's matching conditions are:

- Check if the response body contains "" and "JEEDOM_PRODUCT_NAME" - Verify that the HTTP response status is 200

When both matching conditions are met, the module reports the detection of the Jeedom login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/index.php?v=d
Matching conditions
word: <title>Jeedom</title>, JEEDOM_PRODUCT_NA...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability