Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "R WebServer Login Panel - Detect" module is designed to detect the presence of the R WebServer login panel. This module targets the R WebServer software and helps identify potential misconfigurations or vulnerabilities. The severity of this module is classified as informative, providing valuable insights without indicating an immediate threat. The original author of this module is pussycat0x.
This module does not directly impact the system or application being scanned. Instead, it provides information about the presence of the R WebServer login panel, allowing users to assess the security posture of their system and take appropriate actions to mitigate any potential risks.
The "R WebServer Login Panel - Detect" module works by sending an HTTP GET request to the target system's root path ("/") and applying specific matching conditions to determine if the R WebServer login panel is present. The module uses two matchers to validate the presence of the login panel:
- Matcher 1: It checks if the response body contains the HTML title tag "<title>R WebServer</title>
".
- Matcher 2: It verifies if the HTTP response status code is 200 (OK).
If both matchers return positive results, the module reports the detection of the R WebServer login panel.
Example HTTP request:
GET / HTTP/1.1
Host: [target_host]
Note: Replace "[target_host]" with the actual hostname or IP address of the target system.
For more information, you can refer to the following resources:
- https://www.exploit-db.com/ghdb/7132Metadata:
max-request: 1