Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Rise Up Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#riseup
Description

What is the "Rise Up Login Panel - Detect?"

The "Rise Up Login Panel - Detect" module is designed to detect the presence of the Rise Up login panel. Rise Up is a software that provides a login panel for user authentication. This module focuses on identifying any misconfigurations or vulnerabilities related to the Rise Up login panel. It is an informative module that helps users assess the security of their login panel implementation.

This module has a severity level of informative, which means it provides information about potential security issues but does not actively exploit or cause harm.

Impact

This module does not have a direct impact on the target system. Instead, it helps identify potential security weaknesses in the Rise Up login panel configuration. By detecting misconfigurations or vulnerabilities, users can take appropriate actions to secure their login panel and prevent unauthorized access.

How the module works?

The "Rise Up Login Panel - Detect" module works by sending an HTTP GET request to the "/Account/login" path of the target system. It then applies a set of matching conditions to determine if the Rise Up login panel is present and if any misconfigurations or vulnerabilities exist.

The matching conditions used by this module are as follows:

- The response body must contain either "cfg.envRiseUp", "imgresize.riseup.ai", or "content.riseup.ai". - The response body must also contain the word "login-page". - The HTTP response status code must be 200.

If all of these conditions are met, the module considers the Rise Up login panel to be present and potentially vulnerable to misconfigurations or security issues.

By using this module, users can proactively identify any weaknesses in their Rise Up login panel implementation and take appropriate measures to enhance its security.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/Account/login
Matching conditions
word: cfg.envRiseUp, imgresize.riseup.ai, cont...and
word: login-pageand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability