KevinLAB BEMS (Building Energy Management System) - Backdoor Detection

By kannthu

Critical
Vidoc Module
#kevinlab #backdoor
Description

What is "KevinLAB BEMS (Building Energy Management System) - Backdoor Detection"?

The "KevinLAB BEMS (Building Energy Management System) - Backdoor Detection" module is designed to detect the presence of an undocumented backdoor account in the KevinLAB BEMS software. KevinLAB BEMS is a building energy management system that helps monitor and control energy usage in buildings. This module focuses on identifying a critical vulnerability in the software that allows unauthorized access through a hidden backdoor account. The severity of this vulnerability is classified as critical, indicating the potential for significant harm if exploited. The original author of this module is gy741.

Impact

If the backdoor account in KevinLAB BEMS is exploited, an attacker can gain unauthorized access to the system. This can lead to various malicious activities, such as unauthorized control of building energy systems, manipulation of energy usage data, or even sabotage of critical infrastructure. The impact of this vulnerability can be severe, compromising the security and integrity of the entire building energy management system.

How does the module work?

The module works by sending an HTTP request to the targeted KevinLAB BEMS system and analyzing the response for specific patterns. The request is designed to simulate a login attempt using the backdoor account credentials. The module then checks the response body for the presence of certain data patterns, including the backdoor account information and a successful login result. Additionally, it verifies that the HTTP response status is 200, indicating a successful connection to the targeted system.

By combining these matching conditions, the module can determine if the KevinLAB BEMS system has the backdoor account vulnerability. If the conditions are met, the module will report the vulnerability, highlighting the need for immediate action to address the security issue.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
regex: data":"[A-Za-z0-9-]+, login_key":"[A-Za-... and
word: "result":true and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability