Rundeck Login Panel - Detect

What is the "Rundeck Login Panel - Detect?"

The "Rundeck Login Panel - Detect" module is designed to detect the presence of the Rundeck login panel. Rundeck is a software that allows for the management and automation of workflows. This module focuses on identifying potential misconfigurations in the Rundeck login panel.

This module has an informative severity level, which means it provides valuable information without indicating a critical vulnerability.

Impact

This module does not have a direct impact on the target system. It is designed to provide information about the presence or absence of the Rundeck login panel and potential misconfigurations.

How the module works?

The "Rundeck Login Panel - Detect" module works by sending an HTTP GET request to the "/user/login" path of the target system. It then applies matching conditions to determine if the Rundeck login panel is present and if the response status is 200 (OK).

The matching conditions for this module are as follows:

- The response body must contain the string "alt="Rundeck"" or the string "/assets/rundeck". - The response status must be 200 (OK).

If both matching conditions are met, the module will report a successful detection of the Rundeck login panel.