
Kafka Manager Panel - Unauthorized Access

By kannthu

Low
Vidoc Module
Tags: #misconfig #apache #kafka #unauth #exposure
Description

What is the "Kafka Manager Panel - Unauthorized Access" module?

The "Kafka Manager Panel - Unauthorized Access" module is designed to detect unauthorized access to the Kafka Manager panel. Kafka Manager is an open-source tool developed by Yahoo for managing Apache Kafka clusters. This module focuses on identifying instances where the Kafka Manager panel is accessible without proper authentication, which can pose a security risk.

This module has a severity level of low, indicating that while unauthorized access is a concern, the potential impact may be limited.

This module was authored by Paper-Pen.

Impact

If unauthorized access to the Kafka Manager panel is detected, it means that an attacker could potentially gain control over the management and configuration of Kafka clusters. This could lead to unauthorized data access, manipulation, or disruption of Kafka messaging systems.

How does the module work?

The "Kafka Manager Panel - Unauthorized Access" module works by sending HTTP requests to the target system and analyzing the responses. It uses specific matching conditions to determine if unauthorized access to the Kafka Manager panel is present.

One of the matching conditions checks whether the response body contains the HTML title tag "<title>Kafka Manager</title>". This indicates that the page being served is the Kafka Manager panel.

Another matching condition verifies that the HTTP response status code is 200, indicating a successful request. Both matching conditions need to be met for the module to identify unauthorized access.

Here is an example of an HTTP request that the module may send:

GET /kafka-manager HTTP/1.1
Host: example.com

The module then evaluates the response to determine if unauthorized access is present based on the defined matching conditions.

It's important to note that this module does not perform any active exploitation or attempt to gain unauthorized access itself. It solely focuses on detecting the presence of unauthorized access to the Kafka Manager panel.
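The two conditions above, combined with AND, are the whole of the module's logic. The following is an added example, not Vidoc's own matcher engine: a stand-alone re-implementation that parses a raw HTTP/1.x response, applies the word condition and the status condition, and produces the same "Report vulnerability" decision only when both hold. The three sample responses are constructed for the example; they are not captured traffic. It also shows why the AND matters: a 401 login challenge and an error page that merely mentions the title are both left unreported.

```python
# Added example: stand-alone re-implementation of the module's two matching
# conditions. Illustrative code, not Vidoc's matcher engine.
from dataclasses import dataclass, field

TITLE_MARKER = "<title>Kafka Manager</title>"  # the module's "word" condition
EXPECTED_STATUS = 200                          # the module's "status" condition


@dataclass
class HttpResponse:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def parse_http_response(raw: bytes) -> HttpResponse:
    """Split a raw HTTP/1.x response into status code, headers and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])  # "HTTP/1.1 200 OK" -> 200
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return HttpResponse(status, headers, body.decode("utf-8", errors="replace"))


def is_exposed_kafka_manager(resp: HttpResponse) -> bool:
    """Passive global matcher: title word match AND status 200 match.

    A 401/302 login challenge fails the status test; an error page that
    merely mentions the title also fails it, so neither is reported.
    """
    return TITLE_MARKER in resp.body and resp.status == EXPECTED_STATUS


def evaluate(raw: bytes) -> dict:
    """Produce a small finding record; 'action' mirrors the on-match action."""
    resp = parse_http_response(raw)
    return {
        "status": resp.status,
        "title_present": TITLE_MARKER in resp.body,
        "action": "Report vulnerability" if is_exposed_kafka_manager(resp) else None,
    }


# Constructed sample responses for three situations (not captured traffic).
EXPOSED = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
    b"<html><head><title>Kafka Manager</title></head><body>Clusters</body></html>"
)
BEHIND_AUTH = (
    b"HTTP/1.1 401 Unauthorized\r\n"
    b"WWW-Authenticate: Basic realm=\"Kafka Manager\"\r\n\r\n"
)
NOT_FOUND = (
    b"HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n"
    b"<html><head><title>Kafka Manager</title></head><body>Not found</body></html>"
)

if __name__ == "__main__":
    for name, raw in (("exposed", EXPOSED), ("behind_auth", BEHIND_AUTH),
                      ("not_found", NOT_FOUND)):
        print(name, evaluate(raw))
```

Only the first sample yields the "Report vulnerability" action. A panel that answers with a 401 challenge (realm name included) or a 302 to a login page is exactly the remediated state this module is meant to distinguish from an open panel, so placing Kafka Manager behind authentication or a reverse proxy that enforces it makes the finding go away.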

Module preview

Concurrent Requests (0)

Passive global matcher:
  word: <title>Kafka Manager</title>
  and
  status: 200

On match action:
  Report vulnerability