Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Kerio Connect Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#kerio
Description

What is the "Kerio Connect Login Panel - Detect?" module?

The "Kerio Connect Login Panel - Detect" module is designed to detect the presence of the Kerio Connect login panel. Kerio Connect is a software solution that provides email and collaboration services. This module focuses on identifying the login panel specifically.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by dhiyaneshDk.

Impact

This module does not have a direct impact on the system being scanned. It simply detects the presence of the Kerio Connect login panel, providing information about its existence.

How does the module work?

The module works by sending an HTTP GET request to the "/webmail/login/" path of the target system. It then applies two matching conditions to determine if the Kerio Connect login panel is present:

    - The module checks if the response body contains the HTML title tag "<title>Kerio Connect Client</title>". - The module verifies that the response status code is 200 (OK).

If both conditions are met, the module reports a successful detection of the Kerio Connect login panel.

Example HTTP request:

GET /webmail/login/ HTTP/1.1
Host: [target_host]

The matching conditions are:

- The response body must contain the HTML title tag "<title>Kerio Connect Client</title>". - The response status code must be 200 (OK).

When these conditions are satisfied, the module reports a successful detection of the Kerio Connect login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/webmail/login/
Matching conditions
word: <title>Kerio Connect Client</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability