Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Oracle Integrated Lights Out Manager Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#oracle#login#panel
Description

What is the "Oracle Integrated Lights Out Manager Login Panel - Detect?"

The "Oracle Integrated Lights Out Manager Login Panel - Detect" module is designed to detect the presence of the Oracle Integrated Lights Out Manager login panel. This module focuses on identifying potential misconfigurations or vulnerabilities related to the login panel.

Oracle Integrated Lights Out Manager (ILOM) is a web-based management interface that allows administrators to remotely manage and monitor Oracle servers. It provides a range of features for system administration, including remote console access, power management, and firmware updates.

This module has an informative severity level, which means it provides valuable information but does not indicate a critical vulnerability or misconfiguration.

Author: dhiyaneshDk

Impact

This module does not directly impact the system. Instead, it helps identify potential security risks or configuration issues related to the Oracle Integrated Lights Out Manager login panel. By detecting these issues, administrators can take appropriate actions to mitigate any potential risks and ensure the secure operation of their Oracle servers.

How does the module work?

The module works by sending an HTTP GET request to the "/iPages/i_login.asp" path of the target system. It then applies two matching conditions to determine if the Oracle Integrated Lights Out Manager login panel is present:

- The module checks if the response body contains the "<title>Oracle(R) Integrated Lights Out Manager - Login</title>" HTML tag. This tag is typically present on the login page of the Oracle Integrated Lights Out Manager. - The module also verifies that the HTTP response status code is 200, indicating a successful request.

If both conditions are met, the module reports a detection of the Oracle Integrated Lights Out Manager login panel.

Metadata:

- max-request: 1 - shodan-query: http.title:"Oracle(R) Integrated Lights Out Manager"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/iPages/i_login.asp
Matching conditions
word: <title>Oracle(R) Integrated Lights Out M...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability