Matomo Login Panel - Detect

What is the "Matomo Login Panel - Detect?"

The "Matomo Login Panel - Detect" module is designed to detect the presence of the Matomo login panel. Matomo is a web analytics platform that provides valuable insights into website traffic and user behavior. This module focuses on identifying any misconfigurations or vulnerabilities related to the Matomo login panel.

This module has an informative severity level, which means it provides valuable information but does not pose an immediate threat to the security of the system.

Impact

The impact of this module is primarily informational. It helps identify potential security weaknesses or misconfigurations in the Matomo login panel, allowing administrators to take appropriate actions to secure their system.

How the module works?

The "Matomo Login Panel - Detect" module works by sending a GET request to the "/matomo" path of the target website. It then analyzes the response body for specific keywords, such as "Sign in" and "Matomo". If these keywords are found, the module considers the Matomo login panel to be present.

The matching conditions for this module are based on the response body and use the "word" matcher type. The module checks if both "Sign in" and "Matomo" are present in the response body, using the "and" condition. If both keywords are found, the module reports a successful detection of the Matomo login panel.

It's important to note that this module does not perform any active attacks or exploit vulnerabilities. It solely focuses on detecting the presence of the Matomo login panel.