Automate Recon and scanning process with Vidoc. All security teams in one place
The "Looker Login Panel - Detect" module is designed to detect the presence of the Looker login panel. Looker is a software platform that provides business intelligence and data analytics solutions. This module focuses on identifying potential misconfigurations or vulnerabilities related to the Looker login panel. It is an informative module that helps users assess the security of their Looker installation.
This module has an informative severity level, which means it provides valuable insights without indicating a critical security issue. It is intended to help users identify and address any potential security risks associated with the Looker login panel.
This module does not directly impact the functionality or performance of the Looker software. Instead, it helps users identify any misconfigurations or vulnerabilities that may exist within the Looker login panel. By detecting these issues, users can take appropriate actions to enhance the security of their Looker installation and protect sensitive data.
The "Looker Login Panel - Detect" module utilizes HTTP request templates and matching conditions to identify the presence of the Looker login panel. It sends a GET request to the "/login" path and checks for specific content in the response body, including the presence of "lookerVersion" and "lookerLocation.title". Additionally, it verifies that the response status is 200 (OK).
By analyzing the response and matching conditions, the module determines whether the Looker login panel is present and functioning as expected. If the conditions are met, it indicates that the login panel is accessible and potentially vulnerable to misconfigurations or security issues.
Here is an example of the HTTP request sent by the module:
The module's matching conditions include:- The response body must contain the words "lookerVersion" and "lookerLocation.title". - The response status must be 200 (OK).
If all the matching conditions are satisfied, the module reports a potential vulnerability or misconfiguration related to the Looker login panel.