Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Laravel Backpack Admin Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#backpack#admin
Description

What is the "Laravel Backpack Admin Login Panel - Detect?"

The "Laravel Backpack Admin Login Panel - Detect" module is designed to detect the presence of the Laravel Backpack admin login panel. Laravel Backpack is a popular admin panel package for Laravel applications. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by shine.

Impact

The impact of detecting the Laravel Backpack admin login panel is primarily informational. It does not indicate any immediate security risks or vulnerabilities. However, it can provide insights into the presence of the admin panel and potentially help identify potential attack vectors or areas of concern.

How does the module work?

The module works by sending a GET request to the "/admin/login" path of the target website. It then analyzes the response body for specific keywords, including "Backpack Admin" and "backpack_alerts". If any of these keywords are found, the module considers the Laravel Backpack admin login panel to be present.

Here is an example of the HTTP request sent by the module:

GET /admin/login

The module uses a logical "OR" condition to match any of the specified keywords in the response body. This means that if either "Backpack Admin" or "backpack_alerts" is found, the module will consider the login panel detected.

The module has a maximum request count of 1, meaning it will only send a single request during the scanning process. It is verified and can be used in conjunction with a Shodan query that searches for websites with the title "Backpack Admin".

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/admin/login
Matching conditions
word: Backpack Admin, backpack_alerts
Passive global matcher
No matching conditions.
On match action
Report vulnerability