Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Plesk Obsidian Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#plesk#login#edb
Description

What is the "Plesk Obsidian Login Panel - Detect" module?

The "Plesk Obsidian Login Panel - Detect" module is designed to detect the presence of the Plesk Obsidian login panel. Plesk Obsidian is a web hosting control panel that allows users to manage their websites and servers. This module specifically focuses on identifying the login panel of Plesk Obsidian. It is an informative module that helps users identify potential vulnerabilities or misconfigurations related to the login panel.

This module has an informative severity level, which means it provides valuable information without indicating any immediate threats or vulnerabilities. It is authored by an unknown author.

Impact

This module does not have any direct impact on the target system. It is solely focused on detecting the presence of the Plesk Obsidian login panel. However, the results of this module can be used to assess the security posture of the target system and identify any potential vulnerabilities or misconfigurations related to the login panel.

How the module works?

The "Plesk Obsidian Login Panel - Detect" module works by sending a GET request to the "/login_up.php" path of the target system. It then applies two matching conditions to determine if the Plesk Obsidian login panel is present:

    - The module checks if the response body contains the phrase "Plesk Obsidian". This indicates the presence of the login panel. - The module also checks if the response status code is 200, which confirms that the login panel page is accessible.

If both conditions are met, the module reports a successful detection of the Plesk Obsidian login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login_up.php
Matching conditions
word: Plesk Obsidianand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability