Kentico Login Panel - Detect

What is the "Kentico Login Panel - Detect?"

The "Kentico Login Panel - Detect" module is designed to detect the presence of the Kentico login panel. Kentico is a content management system (CMS) that allows users to create and manage websites. This module specifically targets the login panel of Kentico.

The severity of this module is classified as informative, meaning it provides information about the presence of the login panel but does not indicate any specific vulnerability or misconfiguration.

This module was authored by d4vy.

Impact

The detection of the Kentico login panel does not directly imply any impact or risk. It simply indicates the presence of the login panel within the targeted system.

How does the module work?

The "Kentico Login Panel - Detect" module works by sending a GET request to the "/CMSPages/logon.aspx" path of the target system. It then applies matching conditions to determine if the login panel is present.

The matching conditions for this module are as follows:

- The response status code must be 200. - The response body must contain the string "cmspages/getresource.ashx" (case-insensitive).

If both matching conditions are met, the module reports the detection of the Kentico login panel.

For example, the module sends a GET request to "/CMSPages/logon.aspx" and expects a response with a status code of 200 and the presence of the string "cmspages/getresource.ashx" in the response body.

For more information about using the Kentico interface, refer to the official Kentico documentation.

Metadata: max-request: 1