Retool Login Panel - Detect

What is the "Retool Login Panel - Detect?"

The "Retool Login Panel - Detect" module is designed to detect the presence of the Retool login panel. Retool is a software platform that allows users to build internal tools and applications. This module focuses on identifying any misconfigurations or vulnerabilities related to the Retool login panel.

This module has an informative severity level, which means it provides valuable information but does not pose an immediate threat.

This module was authored by DhiyaneshDk.

Impact

The impact of the Retool login panel detection module is primarily informational. It helps identify potential security weaknesses or misconfigurations in the Retool login panel, allowing users to take appropriate actions to mitigate any risks.

How does the module work?

The module works by sending an HTTP GET request to the "/auth/login" path of the target website. It then applies two matching conditions to determine if the Retool login panel is present:

- The module checks if the response body contains the HTML title tag "<title>Retool</title>". - The module verifies that the response status code is 200, indicating a successful request.

If both conditions are met, the module reports the detection of the Retool login panel.

Example HTTP request:

GET /auth/login

The module's matching conditions:

- Condition 1: The response body must contain the HTML title tag "<title>Retool</title>". - Condition 2: The response status code must be 200.

By analyzing these conditions, the module determines if the Retool login panel is present on the target website.