Pentaho User Console Login Panel - Detect

What is the "Pentaho User Console Login Panel - Detect?"

The "Pentaho User Console Login Panel - Detect" module is designed to detect the presence of the login panel in the Pentaho User Console. Pentaho User Console is a software platform used for business intelligence and data integration. This module focuses on identifying any misconfigurations or vulnerabilities related to the login panel.

The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate security risk.

This module was authored by princechaddha and dhiyaneshDK.

Impact

The impact of this module is primarily informational. It helps identify potential security weaknesses or misconfigurations in the Pentaho User Console login panel. By detecting any vulnerabilities, administrators can take appropriate actions to secure the login panel and prevent unauthorized access.

How does the module work?

The module works by sending an HTTP GET request to the "/pentaho/Login" path of the target system. It then applies a matching condition to check if the response contains the specific HTML title tag "". If the condition is met, the module reports the detection of the Pentaho User Console login panel.

Here is an example of the HTTP request sent by the module:

GET /pentaho/Login

The matching condition used in this module is a word matcher that checks for the presence of the HTML title tag. It ensures that the response contains the expected title indicating the login panel.

Overall, this module provides valuable insights into the presence and configuration of the Pentaho User Console login panel, allowing administrators to assess and enhance the security of their system.