By kannthu
The "JumpServer Login Panel - Detect" module is designed to detect the presence of the JumpServer Open Source Bastion Host login panel. JumpServer is an open-source bastion host that provides secure access to remote servers. This module focuses on identifying the login panel of JumpServer, which can help in assessing the security posture of the system.
This module has an informative severity level, indicating that it provides valuable information but does not directly indicate a vulnerability or misconfiguration.
Author: lu4nx
The detection of the JumpServer login panel does not directly imply any impact or vulnerability. However, it can be an important step in identifying the presence of JumpServer and assessing the overall security of the system.
The module works by sending an HTTP GET request to the "/core/auth/login/" path of the target system. It then applies two matching conditions to determine if the JumpServer login panel is present:
- (?i)<title>(\n.*)JumpServer Open Source Bastion Host(\n.*)</title>
- (?i)<title>(\n.*)JumpServer 开源堡垒机(\n.*)</title>
If either of these patterns is found, it indicates the presence of the JumpServer login panel.
- The module also verifies that the response status code is 200, indicating a successful request.
By combining these matching conditions, the module determines if the JumpServer login panel is detected.
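The matching logic described above, as an added Python example (not the module's own code), applied to constructed responses for an inventory check of your own hosts. The function names and sample bodies are assumptions; the single-line case shows that the patterns as written only match when the title text sits on its own line.

```python
import re

# The two title patterns quoted above, unchanged.
TITLE_PATTERNS = [
    re.compile(r"(?i)<title>(\n.*)JumpServer Open Source Bastion Host(\n.*)</title>"),
    re.compile(r"(?i)<title>(\n.*)JumpServer 开源堡垒机(\n.*)</title>"),
]


def is_jumpserver_login(status_code, body):
    """Status must be 200 AND at least one title pattern must match the body."""
    if status_code != 200:
        return False
    return any(p.search(body) for p in TITLE_PATTERNS)


def classify(responses):
    """Apply the matcher to {name: (status_code, body)}; names are hypothetical."""
    return {name: is_jumpserver_login(code, body)
            for name, (code, body) in responses.items()}


# Constructed sample responses for /core/auth/login/ (not captured traffic).
EN_BODY = "<head>\n<title>\n    JumpServer Open Source Bastion Host\n</title>\n</head>"
SAMPLES = {
    "english-title": (200, EN_BODY),
    "chinese-title": (200, "<head><title>\n  JumpServer 开源堡垒机\n  </title></head>"),
    "lowercase-title": (200, EN_BODY.lower()),  # (?i) makes the match case-insensitive
    "redirected": (302, EN_BODY),  # body matches, status code does not
    # "." does not cross newlines and each group starts with "\n", so a title
    # written on a single line is missed by these patterns.
    "single-line-title": (200, "<title>JumpServer Open Source Bastion Host</title>"),
    "other-app": (200, "<title>\nSign in\n</title>"),
}

if __name__ == "__main__":
    for name, hit in classify(SAMPLES).items():
        print(f"{name:18} -> {'detected' if hit else 'no match'}")
```

A "no match" from these patterns therefore does not prove JumpServer is absent; a deployment that renders its title on one line would need a looser pattern.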
Example HTTP request:
GET /core/auth/login/ HTTP/1.1
Host: [target_host]
Matching conditions:
- Response body must match either of the specified regex patterns
- Response status code must be 200

For more information about JumpServer, you can visit their official website: https://www.jumpserver.org/
Metadata:
- max-request: 1
- verified: true
- shodan-query: http.title:'Jump'