Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

osTicket Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#osticket
Description

What is the "osTicket Login Panel - Detect?"

The "osTicket Login Panel - Detect" module is designed to detect the presence of the osTicket login panel. osTicket is a popular open-source ticketing system used for managing customer support requests. This module focuses on identifying the login panel specifically.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by ritikchaddha.

Impact

This module does not have a direct impact on the security of the osTicket login panel. It is purely a detection module and does not perform any actions beyond identifying the presence of the login panel.

How does the module work?

The "osTicket Login Panel - Detect" module works by sending an HTTP GET request to the "/login.php" path of the target website. It then applies two matching conditions to determine if the osTicket login panel is present:

    - The module checks the response body for specific keywords, including "powered by osTicket" and "content=\"osTicket". If either of these keywords is found, it indicates the presence of the osTicket login panel. - The module also verifies that the HTTP response status code is 200, indicating a successful request. This condition ensures that the target page is accessible.

By combining these matching conditions, the module can accurately detect the osTicket login panel on a website.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login.php
Matching conditions
word: powered by osTicket, content="osTicketand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability