Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Jira Service Desk Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#servicedesk#confluence#jira#panel#login
Description

What is the "Jira Service Desk Login Panel - Detect?"

The "Jira Service Desk Login Panel - Detect" module is designed to detect the presence of the Jira Service Desk login panel. Jira Service Desk is a software application developed by Atlassian that allows organizations to provide custom service portals for their customers. This module focuses on identifying any misconfigurations or vulnerabilities related to the login panel of Jira Service Desk.

This module has an informative severity level, which means it provides valuable information without indicating any immediate security risks.

Impact

The impact of this module is primarily informational. It helps organizations identify potential issues with the Jira Service Desk login panel, allowing them to take appropriate actions to ensure its proper configuration and security.

How the module works?

The "Jira Service Desk Login Panel - Detect" module works by sending HTTP requests to specific endpoints related to the Jira Service Desk login functionality. It then applies matching conditions to determine if the login panel is present and functioning correctly.

For example, one of the HTTP requests sent by this module is a GET request to the "/servicedesk/customer/user/login" and "/servicedesk/customer/portal/10/user/login" paths. The module expects a response with a status code of 200, indicating a successful request. Additionally, it checks if the response contains the word "https://confluence.atlassian.com" to ensure that the login panel is not redirecting to an unexpected location.

If all the matching conditions are met, the module reports a successful detection of the Jira Service Desk login panel.

Note: This module is specifically designed to detect the login panel and does not perform any further actions or modifications to the system.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/servicedesk/custome.../servicedesk/custome...
Matching conditions
status: 200and
word: https://confluence.atlassian.com
Passive global matcher
No matching conditions.
On match action
Report vulnerability