Microsoft Exchange Admin Center Login Panel - Detect

By kannthu

Severity: Informative
Vidoc Module
Tags: #microsoft #panel #exchange
Description

What is the "Microsoft Exchange Admin Center Login Panel - Detect" module?

The "Microsoft Exchange Admin Center Login Panel - Detect" module is designed to detect the presence of the Microsoft Exchange Admin Center login panel. This module focuses on identifying misconfigurations or vulnerabilities related to the login panel of the Microsoft Exchange Admin Center. It is an informative module that provides insights into potential security issues.

This module targets Microsoft Exchange, a widely used email and collaboration platform. The severity of the module is classified as informative, indicating that it provides valuable information but does not pose an immediate threat.

This module was authored by r3dg33k.

Impact

The module does not directly impact the system or application being scanned. Instead, it provides information about the presence of the Microsoft Exchange Admin Center login panel, which can help identify potential security risks or misconfigurations.

How does the module work?

The module works by sending an HTTP GET request to the path "/owa/auth/logon.aspx?replaceCurrent=1&url=/ecp" and then applying matching conditions to determine if the Microsoft Exchange Admin Center login panel is present.

The matching conditions for this module include:

- Checking the HTTP response status code, which should be 200 (OK).
- Verifying the presence of the phrase "Exchange Admin Center" in the response body.

If both matching conditions are met, the module reports the detection of the Microsoft Exchange Admin Center login panel.

Example HTTP request:

GET /owa/auth/logon.aspx?replaceCurrent=1&url=/ecp

For more information, refer to the Microsoft documentation.
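
Seen from the Exchange server, the request described above leaves a recognisable entry in the IIS logs. The following added example (not part of the Vidoc module or the original page) parses W3C-format log lines and counts external clients that sent it; the sample log, the internal address ranges and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter
from urllib.parse import parse_qs

# Constructed IIS W3C log excerpt (sample data, documentation-range addresses).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2024-01-10 08:00:01 GET /owa/auth/logon.aspx replaceCurrent=1&url=/ecp 203.0.113.7 200
2024-01-10 08:00:02 GET /owa/auth/logon.aspx replaceCurrent=1&url=%2Fecp 198.51.100.23 200
2024-01-10 08:00:03 GET /owa/auth/logon.aspx replaceCurrent=1&url=https://mail.example.test/owa 203.0.113.9 200
2024-01-10 08:00:04 GET /owa/auth/logon.aspx replaceCurrent=1&url=/ecp 10.0.0.8 200
2024-01-10 08:00:05 GET /owa/auth/logon.aspx replaceCurrent=1&url=/ECP/ 203.0.113.7 302
2024-01-10 08:00:06 GET /owa/auth/logon.aspx - 203.0.113.7 200
"""

PROBE_STEM = "/owa/auth/logon.aspx"
INTERNAL = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")  # assumed internal ranges


def is_ecp_probe(stem, query):
    """True for the module's request: logon.aspx with url=/ecp (any case or encoding)."""
    if stem.lower() != PROBE_STEM:
        return False
    targets = parse_qs(query).get("url", [])  # parse_qs also decodes %2Fecp
    return any(t.lower().rstrip("/") == "/ecp" for t in targets)


def find_external_probes(log_text, internal=INTERNAL):
    """Count matching requests per (client IP, status) from non-internal clients."""
    nets = [ipaddress.ip_network(n) for n in internal]
    fields, hits = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column order is whatever the server logs
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if not is_ecp_probe(row.get("cs-uri-stem", ""), row.get("cs-uri-query", "")):
            continue
        if any(ipaddress.ip_address(row["c-ip"]) in n for n in nets):
            continue
        # Status 200 is the module's first matching condition: the panel was served.
        hits[(row["c-ip"], row["sc-status"])] += 1
    return hits


if __name__ == "__main__":
    for (ip, status), n in sorted(find_external_probes(SAMPLE_LOG).items()):
        print(f"{ip} status={status} requests={n}")
```

The log cannot show the response body, so a status 200 entry here only confirms the first of the two matching conditions.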

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /owa/auth/logon.aspx...
Matching conditions
status: 200 and
word: Exchange Admin Center
Passive global matcher
No matching conditions.
On match action
Report vulnerability