Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Oracle Enterprise Manager Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#oracle#manager#login
Description

What is the "Oracle Enterprise Manager Login Panel - Detect?"

The "Oracle Enterprise Manager Login Panel - Detect" module is designed to detect the presence of the Oracle Enterprise Manager login panel. This module targets the Oracle Enterprise Manager software, which is a comprehensive management solution for Oracle databases, applications, and systems. The module is created by an unknown author.

This module has an informative severity level, which means it provides information about the presence of the login panel but does not indicate any specific vulnerabilities or misconfigurations.

Impact

This module does not have a direct impact on the target system. It only detects the presence of the Oracle Enterprise Manager login panel, providing information to the user or security analyst.

How the module works?

The module works by sending an HTTP GET request to the "/em/console/logon/logon" path of the target system. It then applies two matching conditions to determine if the Oracle Enterprise Manager login panel is present:

    - The module checks if the response body contains any of the following keywords: "Oracle UIX", "libNPSVG3.so", "Oracle Enterprise Manager". This indicates the presence of the login panel. - The module checks if the response status code is 200, indicating a successful request. This ensures that the login panel is accessible.

If both matching conditions are met, the module reports a successful detection of the Oracle Enterprise Manager login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/em/console/logon/lo...
Matching conditions
word: Oracle UIX, libNPSVG3.so, Oracle Enterpr...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability