MantisBT Login Panel - Detect

By kannthu

Informative

Vidoc Module

#panel#mantisbt

Description

What is the "MantisBT Login Panel - Detect?"

The "MantisBT Login Panel - Detect" module is designed to detect the presence of the MantisBT login panel. MantisBT is an open-source web-based bug tracking system used for issue tracking and project management. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: makyotox, daffainfo

Impact

This module does not have a direct impact on the target system. It simply detects the presence of the MantisBT login panel, providing information about its existence.

How does the module work?

The module works by sending an HTTP GET request to the "/login_page.php" path of the target system. It then applies two matching conditions to determine if the MantisBT login panel is present:

- The response body must contain either the phrase "title="MantisBT: Text Search"" or "title="MantisBT: Issue Id"". - The response status code must be 200 (OK).

If both conditions are met, the module considers the MantisBT login panel to be detected.

Reference: https://www.mantisbt.org/

Metadata:

- max-request: 1 - verified: true - shodan-query: http.favicon.hash:662709064

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET/login_page.php

Matching conditions

word: title="MantisBT: Text Search", title="Ma...and

status: 200

Passive global matcher

No matching conditions.

On match action

Report vulnerability