Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

MinIO Console Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#minio
Description

What is the "MinIO Console Login Panel - Detect" module?

The "MinIO Console Login Panel - Detect" module is designed to detect the presence of the MinIO Console login panel. MinIO is an open-source object storage server that is compatible with Amazon S3. The module focuses on identifying the login panel specifically, which can help in assessing the security posture of the MinIO installation.

This module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by pussycat0x.

Impact

The detection of the MinIO Console login panel does not directly imply any impact or vulnerability. It simply indicates the presence of the login panel, which can be used for administrative access to the MinIO storage system.

How does the module work?

The module works by sending an HTTP GET request to the "/login" path of the target MinIO instance. It then applies two matching conditions to determine if the MinIO Console login panel is present:

- The response body must contain the HTML tag "<title>minio console</title>". - The response status code must be 200 (OK).

If both conditions are met, the module reports the detection of the MinIO Console login panel.

Example HTTP request:

GET /login

The module does not perform any further actions beyond reporting the detection.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login
Matching conditions
dsl: contains(toLower(body), `<title>minio co...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability