Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Radius Manager Admininstration Control Panel Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#radius#edb
Description

What is the "Radius Manager Administration Control Panel Login Panel - Detect" module?

The "Radius Manager Administration Control Panel Login Panel - Detect" module is designed to detect the presence of the Radius Manager Administration Control Panel login panel. This module targets the Radius Manager software, which is used for managing and controlling access to network resources.

The severity of this module is classified as informative, meaning it provides information about the presence of the login panel but does not indicate any specific vulnerability or misconfiguration.

This module was authored by dhiyaneshDK.

Impact

This module does not directly impact the security of the system. It simply detects the presence of the Radius Manager Administration Control Panel login panel, providing information about the software being used.

How does the module work?

The module works by sending HTTP requests to specific paths, including "/admin.php", "/radiusmanager/user.php", and "/user.php", using the GET method. It then applies matching conditions to the responses to determine if the login panel is present.

The matching conditions used in this module are:

- Title Matcher: The response body must contain the HTML title tag "<title>Radius Manager - User Control Panel</title>". - Status Matcher: The response status code must be 200 (OK).

If both matching conditions are met, the module reports the detection of the Radius Manager Administration Control Panel login panel.

For example, the module may send a request to "http://example.com/admin.php" and receive a response with a status code of 200 and the HTML title tag "<title>Radius Manager - User Control Panel</title>". This would indicate the presence of the login panel.

For more information, you can refer to the Exploit Database.

Metadata: max-request: 4

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/admin.php/radiusmanager/user..../user.php
Matching conditions
word: <title>Radius Manager - User Control Pan...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability