Neo4j Browser - Detect

What is the "Neo4j Browser - Detect" module?

The "Neo4j Browser - Detect" module is designed to detect the presence of the Neo4j Browser software. Neo4j Browser is a web-based interface for interacting with Neo4j, a graph database management system. This module focuses on identifying instances of the Neo4j Browser and does not perform any actions beyond detection.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by DhiyaneshDK.

Impact

The impact of this module is limited to providing information about the presence of the Neo4j Browser. It does not indicate any specific vulnerabilities or risks associated with the software.

How does the module work?

The "Neo4j Browser - Detect" module works by sending a GET request to the "/browser/" path of the target. It then applies two matching conditions to determine if the Neo4j Browser is present:

- The module checks if the response body contains the HTML title tag "<title>Neo4j Browser</title>". - The module verifies that the response status code is 200 (OK).

If both conditions are met, the module identifies the presence of the Neo4j Browser.

Example HTTP request:

GET /browser/ HTTP/1.1
Host: [target]

The matching conditions ensure that the response body contains the expected HTML title tag and that the response status code is 200.