Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Joget Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#joget
Description

What is the "Joget Panel - Detect" module?

The "Joget Panel - Detect" module is a test case designed to detect the presence of the Joget panel. Joget is a software platform that allows users to build enterprise web applications and automate business processes. This module focuses on identifying instances of the Joget panel and provides information about its configuration.

This module has an informative severity level, meaning it provides valuable insights but does not indicate a critical vulnerability or misconfiguration.

Author: Podalirius

Impact

The impact of detecting the Joget panel is dependent on the specific configuration and usage of the panel. The module itself does not provide details on the potential impact, but it serves as a starting point for further investigation and analysis.

How does the module work?

The "Joget Panel - Detect" module operates by sending HTTP requests to the target system and analyzing the responses based on predefined matching conditions. It looks for specific patterns and status codes that indicate the presence of the Joget panel.

One example of a matching condition is the detection of the phrase "System Error" in the response body, combined with a status code of 500 (Internal Server Error). If both conditions are met, the module considers it a positive match for the Joget panel.

It is important to note that this module does not perform any active exploitation or modification of the target system. It solely focuses on identifying the presence of the Joget panel based on the provided matching conditions.

Metadata:

max-request: 1
shodan-query: http.favicon.hash:-1343712810

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/jw/web/;
Matching conditions
word: System Errorand
status: 500
Passive global matcher
No matching conditions.
On match action
Report vulnerability