Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "PuppetDB Dashboard - Detect" module is designed to detect the presence of the PuppetDB dashboard. PuppetDB is a powerful data warehouse for Puppet, a configuration management tool. The module focuses on identifying the dashboard and providing information about its existence.
This module is classified as informative, meaning it provides valuable insights but does not indicate any specific vulnerabilities or misconfigurations.
Author: DhiyaneshDk
The impact of detecting the PuppetDB dashboard is primarily informational. It helps users understand whether the dashboard is accessible and provides insights into the presence of PuppetDB in the environment.
The module works by sending an HTTP GET request to the "/pdb/dashboard/index.html" path. It then applies two matching conditions to determine if the PuppetDB dashboard is present:
- The first condition checks if the response body contains the phrase "PuppetDB: Dashboard". - The second condition verifies that the response status is 200 (OK).If both conditions are met, the module reports the detection of the PuppetDB dashboard.
Example HTTP request:
GET /pdb/dashboard/index.html
Matching conditions:
- Response body must contain the phrase "PuppetDB: Dashboard
".
- Response status must be 200 (OK).
Note: The module definition and JSON structure are not shown here for simplicity.