Metabase Login Panel - Detect

What is the "Metabase Login Panel - Detect" module?

The "Metabase Login Panel - Detect" module is a test case designed to detect the presence of the Metabase login panel. Metabase is a software that provides a user-friendly interface for querying and visualizing data. This module focuses on identifying any misconfigurations or vulnerabilities related to the login panel of Metabase.

This module has an informative severity level, which means it provides valuable information without indicating a critical security issue.

Impact

This module does not have a direct impact on the target system. Instead, it helps identify potential security weaknesses or misconfigurations in the Metabase login panel. By detecting these issues, system administrators can take appropriate measures to enhance the security of their Metabase installation.

How the module works?

The "Metabase Login Panel - Detect" module works by sending a GET request to the "/auth/login" path of the target system. It then applies matching conditions to determine if the response indicates the presence of the Metabase login panel.

The matching conditions include:

- Checking if the response status is 200 (OK). - Verifying if the response body contains specific words, such as "<title>Metabase</title>", "window.MetabaseBootstrap", and "window.MetabaseRoot".

If all the matching conditions are met, the module reports a successful detection of the Metabase login panel.