Jupyter Notebook Login Panel - Detect

By kannthu

Informative
Vidoc Module
#edb #panel #jupyter #notebook #exposure
Description

Jupyter Notebook Login Panel - Detect

What is the "Jupyter Notebook Login Panel - Detect" module?

The "Jupyter Notebook Login Panel - Detect" module is designed to detect the presence of the Jupyter Notebook login panel. Jupyter Notebook is an open-source web application that allows users to create and share documents that contain live code, equations, visualizations, and narrative text. This module specifically focuses on identifying the login panel of Jupyter Notebook.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by hakimkt and arafatansari.

Impact

This module does not have any direct impact as it is purely a detection module. It helps users identify the presence of the Jupyter Notebook login panel, which can be useful for security assessments and configuration checks.

How does the module work?

The "Jupyter Notebook Login Panel - Detect" module works by sending HTTP requests to specific paths associated with the Jupyter Notebook login panel. It then applies matching conditions to determine if the login panel is present.

For example, the module may send a GET request to paths such as "/jupyter/login", "/jupyter/lab", "/jupyter/hub/lti/launch", and "/hub/login". It checks the response body for specific words or phrases, such as "/jupyter/static/base/images/logo.png", "/jupyter/hub/logo", "Select items to perform actions on them.", and "JupyterHub". Additionally, it verifies that the response status is 200.

If all the matching conditions are met, the module reports the detection of the Jupyter Notebook login panel.

Example HTTP Request:

GET /jupyter/login HTTP/1.1
Host: example.com

Matching Conditions:

- The response body must contain either "/jupyter/static/base/images/logo.png", "/jupyter/hub/logo", "Select items to perform actions on them.", or "JupyterHub".
- The response status must be 200.

By applying these matching conditions, the module can accurately detect the presence of the Jupyter Notebook login panel.
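The checks described above, written out as a self-audit for hosts you operate. This is an added example, not the Vidoc module's own code; it assumes the body markers are OR-ed and then combined with the status check, as the page describes, and the function names, the `fetch` parameter and the host `nb.internal.example` are made up for illustration.

```python
import urllib.error
import urllib.request

# Paths and body markers exactly as listed in the module description.
PATHS = ["/jupyter/login", "/jupyter/lab", "/jupyter/hub/lti/launch", "/hub/login"]
MARKERS = [
    "/jupyter/static/base/images/logo.png",
    "/jupyter/hub/logo",
    "Select items to perform actions on them.",
    "JupyterHub",
]

def matches(status, body):
    """Status must be 200 AND the body must contain at least one marker."""
    return status == 200 and any(m in body for m in MARKERS)

def http_fetch(url, timeout=5.0):
    """GET url -> (status, body). Errors are returned as a status, not raised.
    Note: urllib follows redirects; the page does not say whether the module does."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read(200_000).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, ""
    except OSError:  # URLError, timeouts, refused connections
        return 0, ""

def audit(base_url, fetch=http_fetch):
    """Request each path on a host you operate; return one finding per match.
    fetch is injectable (hypothetical parameter) so the logic runs offline."""
    findings = []
    for path in PATHS:
        status, body = fetch(base_url.rstrip("/") + path)
        if matches(status, body):
            hit = [m for m in MARKERS if m in body]
            findings.append({"path": path, "markers": hit})
    return findings

# Constructed responses for a made-up internal host (not real captures).
SAMPLE = {
    "https://nb.internal.example/jupyter/login":
        (200, '<img src="/jupyter/static/base/images/logo.png">'),
    "https://nb.internal.example/hub/login": (200, "<title>JupyterHub</title>"),
    "https://nb.internal.example/jupyter/lab": (403, "JupyterHub"),
}

def sample_fetch(url):
    return SAMPLE.get(url, (404, "not found"))

if __name__ == "__main__":
    for finding in audit("https://nb.internal.example", fetch=sample_fetch):
        print(finding)
```

The `/jupyter/lab` sample carries a marker but returns 403, so it is not reported: both conditions have to hold.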

Reference:

- https://www.exploit-db.com/ghdb/7970

Metadata:

max-request: 4

shodan-query: http.html:"JupyterHub"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /jupyter/login, /jupyter/lab, /jupyter/hub/lti/lau... (+1 paths)
Matching conditions
word: /jupyter/static/base/images/logo.png, /j... and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability