Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Metabase Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#metabase#login
Description

What is the "Metabase Login Panel - Detect" module?

The "Metabase Login Panel - Detect" module is a test case designed to detect the presence of the Metabase login panel. Metabase is a software that provides a user-friendly interface for querying and visualizing data. This module focuses on identifying any misconfigurations or vulnerabilities related to the login panel of Metabase.

This module has an informative severity level, which means it provides valuable information without indicating a critical security issue.

Impact

This module does not have a direct impact on the target system. Instead, it helps identify potential security weaknesses or misconfigurations in the Metabase login panel. By detecting these issues, system administrators can take appropriate measures to enhance the security of their Metabase installation.

How the module works?

The "Metabase Login Panel - Detect" module works by sending a GET request to the "/auth/login" path of the target system. It then applies matching conditions to determine if the response indicates the presence of the Metabase login panel.

The matching conditions include:

- Checking if the response status is 200 (OK). - Verifying if the response body contains specific words, such as "<title>Metabase</title>", "window.MetabaseBootstrap", and "window.MetabaseRoot".

If all the matching conditions are met, the module reports a successful detection of the Metabase login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/auth/login
Matching conditions
status: 200and
word: <title>Metabase</title>, window.Metabase...
Passive global matcher
No matching conditions.
On match action
Report vulnerability