Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Netlify CMS Admin Login Panel - Detect" module is designed to detect the presence of the Netlify CMS admin login panel. Netlify CMS is a content management system that allows users to manage and edit website content. This module focuses on identifying the login panel specifically.
The severity of this module is classified as informative, meaning it provides valuable information but does not pose a direct security risk.
This module was authored by sullo.
The impact of detecting the Netlify CMS admin login panel is primarily informational. It helps users identify whether the login panel is exposed and accessible, which can be useful for assessing the security posture of a website.
The module works by sending an HTTP GET request to the "/admin/index.html" path of the target website. It then applies two matching conditions to determine if the Netlify CMS login panel is present.
The first matching condition checks the HTTP response status code, expecting a 200 status code indicating a successful response. The second matching condition examines the response body for the presence of the phrase "Netlify CMS".
Here is an example of the HTTP request sent by the module:
GET /admin/index.html
The matching conditions are as follows:
- The response status code must be 200. - The response body must contain the phrase "Netlify CMS".If both conditions are met, the module reports the detection of the Netlify CMS admin login panel.
The module's metadata specifies that it allows a maximum of 1 request to be sent.