Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

OctoPrint Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#octoprint#panel
Description

What is the "OctoPrint Login Panel - Detect?"

The "OctoPrint Login Panel - Detect" module is designed to detect the presence of the OctoPrint login panel. OctoPrint is a popular open-source 3D printer management software that allows users to remotely control and monitor their 3D printers. This module focuses specifically on identifying the login panel of OctoPrint.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by affix.

Impact

The impact of detecting the OctoPrint login panel is primarily informational. It indicates that the login functionality of OctoPrint is present, but it does not provide any specific details about potential vulnerabilities or misconfigurations.

How does the module work?

The "OctoPrint Login Panel - Detect" module works by sending an HTTP GET request to the "/login/" path of the target OctoPrint instance. It then applies two matching conditions to determine if the login panel is present:

- The module checks if the response body contains the HTML title tag "<title>OctoPrint Login</title>". This ensures that the page title indicates it is the OctoPrint login page. - The module verifies that the HTTP response status code is 200, indicating a successful request.

If both matching conditions are met, the module reports the detection of the OctoPrint login panel.

It's important to note that this module does not perform any further analysis or testing beyond the initial detection of the login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login/
Matching conditions
word: <title>OctoPrint Login</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability