Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

phpMiniAdmin Login Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "phpMiniAdmin Login Panel - Detect?" module?

The "phpMiniAdmin Login Panel - Detect" module is designed to detect the presence of the phpMiniAdmin login panel. phpMiniAdmin is a lightweight, standalone PHP script that provides a web-based interface for managing MySQL databases. This module focuses on identifying instances of the phpMiniAdmin login panel, which can help in identifying potential security risks or misconfigurations.

This module has an informative severity level, meaning it provides valuable information but does not indicate a direct vulnerability or misconfiguration.

This module was authored by nullfuzz.


The detection of the phpMiniAdmin login panel does not directly indicate any impact or vulnerability. However, it can provide insights into the presence of this specific software, which may be useful for further analysis or security assessments.

How does the module work?

The "phpMiniAdmin Login Panel - Detect" module works by sending an HTTP GET request to the "/phpminiadmin.php" path. It then applies matching conditions to determine if the response indicates the presence of the phpMiniAdmin login panel.

An example of a matching condition used in this module is:

status_code == 200 and contains(body, "<title>phpMiniAdmin")

This condition checks if the response status code is 200 (indicating a successful request) and if the response body contains the HTML title tag "<title>phpMiniAdmin". If both conditions are met, the module considers the phpMiniAdmin login panel to be detected.

It's important to note that this module only performs detection and does not perform any active exploitation or modification of the target system.

For more information about phpMiniAdmin, you can refer to the official GitHub repository.


- Max Request: 1 - Verified: True - Shodan Query: http.html:"phpMiniAdmin"

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
dsl: status_code == 200, contains(body, `<tit...
Passive global matcher
No matching conditions.
On match action
Report vulnerability