Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Opencast Admin Panel Discovery

By kannthu

Informative
Vidoc logoVidoc Module
#panel#opencast
Description

What is the "Opencast Admin Panel Discovery" module?

The "Opencast Admin Panel Discovery" module is a test case designed to detect the presence of an Opencast Admin panel. Opencast is a free and open-source solution for automated video capture and distribution at scale. This module focuses on identifying potential misconfigurations or vulnerabilities in the Opencast Admin panel.

Severity: Informative

Author: cyllective, daffainfo

Impact

This module aims to identify potential security risks or misconfigurations in the Opencast Admin panel. By detecting these issues, administrators can take appropriate actions to secure their Opencast installations and prevent unauthorized access or data breaches.

How does the module work?

The "Opencast Admin Panel Discovery" module utilizes HTTP request templates and matching conditions to identify the presence of the Opencast Admin panel. It sends a GET request to the "/admin-ng/login.html" path and applies the following matching conditions:

- The response body must contain the HTML tag "<title>Opencast</title>" - The response status code must be 200 (OK)

If both conditions are met, the module considers the Opencast Admin panel to be present.

Example HTTP request:

GET /admin-ng/login.html

Matching conditions:

- Response body must contain the HTML tag "<title>Opencast</title>" - Response status code must be 200 (OK)

By analyzing the response of the HTTP request, the module determines whether the Opencast Admin panel is accessible and functioning properly.

For more information about Opencast, you can refer to the Opencast GitHub repository.

Metadata:

- max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/admin-ng/login.html
Matching conditions
word: <title>Opencast</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability