Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

MeterSphere Login Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "MeterSphere Login Panel - Detect?"

The "MeterSphere Login Panel - Detect" module is designed to detect the presence of the MeterSphere login panel. MeterSphere is a software platform used for continuous testing and monitoring of applications. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a critical vulnerability or misconfiguration.

Author: pdteam


This module does not have a direct impact on the system. It serves as a detection mechanism to identify the presence of the MeterSphere login panel. The results of this module can be used to further assess the security posture of the MeterSphere installation.

How does the module work?

The module works by sending HTTP requests to specific paths ("/favicon.ico" and "/login") and applying matching conditions to determine if the MeterSphere login panel is present.

Example HTTP request:

GET /login

The module uses the following matching conditions:

- Status code must be 200 - The response body must contain the string "metersphere" (case-insensitive) - The response headers must contain the header "ms_session_id"

If any of these conditions are met, the module considers the MeterSphere login panel to be detected.


Metadata: max-request: 2

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
dsl: status_code==200, (`1023469568` == mmh3(...or
dsl: status_code==200, contains(toLower(body)...or
dsl: contains(toLower(all_headers), `ms_sessi...
Passive global matcher
No matching conditions.
On match action
Report vulnerability