Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Laravel File Manager - Panel Detect

By kannthu

Informative
Vidoc logoVidoc Module
#laravel#filemanager#fileupload
Description

What is the "Laravel File Manager - Panel Detect" module?

The "Laravel File Manager - Panel Detect" module is designed to detect the presence of the Laravel File Manager panel. Laravel File Manager is a popular file management tool for Laravel applications. This module focuses on identifying the panel and does not perform any actions beyond detection. The severity of this module is classified as informative, meaning it provides valuable information but does not pose a direct security risk. The original author of this module is princechaddha.

Impact

This module does not have a direct impact on the security or functionality of the targeted software. It simply identifies the presence of the Laravel File Manager panel, which can be useful for further analysis or configuration checks.

How does the module work?

The "Laravel File Manager - Panel Detect" module works by sending a GET request to the "/laravel-filemanager?type=Files" endpoint. It then applies two matching conditions to determine if the Laravel File Manager panel is present:

    - The module checks the response body for the presence of the phrase "Laravel FileManager". - The module verifies that the response status code is 200 (OK).

If both conditions are met, the module reports a successful detection of the Laravel File Manager panel.

Example HTTP request:

GET /laravel-filemanager?type=Files

Matching conditions:

- The response body must contain the phrase "Laravel FileManager". - The response status code must be 200 (OK).

For more information about Laravel File Manager, you can refer to the official GitHub repository.

Metadata:

max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/laravel-filemanager...
Matching conditions
word: Laravel FileManagerand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability