Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

PuppetDB Dashboard - Detect

By kannthu

Vidoc logoVidoc Module

What is the "PuppetDB Dashboard - Detect" module?

The "PuppetDB Dashboard - Detect" module is designed to detect the presence of the PuppetDB dashboard. PuppetDB is a powerful data warehouse for Puppet, a configuration management tool. The module focuses on identifying the dashboard and providing information about its existence.

This module is classified as informative, meaning it provides valuable insights but does not indicate any specific vulnerabilities or misconfigurations.

Author: DhiyaneshDk


The impact of detecting the PuppetDB dashboard is primarily informational. It helps users understand whether the dashboard is accessible and provides insights into the presence of PuppetDB in the environment.

How does the module work?

The module works by sending an HTTP GET request to the "/pdb/dashboard/index.html" path. It then applies two matching conditions to determine if the PuppetDB dashboard is present:

- The first condition checks if the response body contains the phrase "PuppetDB: Dashboard". - The second condition verifies that the response status is 200 (OK).

If both conditions are met, the module reports the detection of the PuppetDB dashboard.

Example HTTP request:

GET /pdb/dashboard/index.html

Matching conditions:

- Response body must contain the phrase "PuppetDB: Dashboard". - Response status must be 200 (OK).

Note: The module definition and JSON structure are not shown here for simplicity.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: PuppetDB: Dashboardand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability