Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Puppetboard Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#puppet#exposure
Description

What is the "Puppetboard Panel - Detect" module?

The "Puppetboard Panel - Detect" module is a test case designed to detect the presence of the Puppetboard panel. Puppetboard is a web-based user interface for Puppet, a configuration management tool. This module focuses on identifying the Puppetboard panel and providing information about its configuration.

This module is classified as informative, meaning it provides valuable insights but does not indicate any specific vulnerabilities or misconfigurations.

Author: c-sh0, daffainfo

Impact

The impact of detecting the Puppetboard panel is primarily informational. It helps users gain visibility into their Puppet infrastructure and understand the presence of Puppetboard as part of their configuration management setup.

How does the module work?

The "Puppetboard Panel - Detect" module works by sending HTTP requests and applying matching conditions to identify the presence of the Puppetboard panel. It uses the following matching conditions:

- Matcher 1: It searches for the presence of the Puppetboard CSS stylesheet link in the HTML body of the target page. - Matcher 2: It checks if the HTTP response status is 200, indicating a successful request.

If both matching conditions are met, the module considers the Puppetboard panel to be detected.

Example HTTP request:

GET /target-page HTTP/1.1
Host: example.com
User-Agent: Vidoc-Scanner

Reference: https://github.com/voxpupuli/puppetboard

Metadata:

- Max request: 1 - Verified: true - Shodan query: http.title:"Puppetboard"

Module preview

Concurrent Requests (0)
Passive global matcher
word: <a href="https://github.com/voxpupuli/pu...and
status: 200
On match action
Report vulnerability