SeedDMS Login Panel - Detect

What is the "SeedDMS Login Panel - Detect" module?

The "SeedDMS Login Panel - Detect" module is a test case designed to detect the presence of the SeedDMS login panel. SeedDMS is a document management system that allows users to store, manage, and share documents securely. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: pussycat0x, daffainfo

Impact

This module does not have a direct impact on the system. It is purely a detection module and does not perform any actions beyond identifying the presence of the SeedDMS login panel.

How does the module work?

The module works by sending HTTP requests to specific paths associated with the SeedDMS login panel. It then applies matching conditions to determine if the login panel is present.

Example HTTP request:

GET /out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php

The module uses two matching conditions:

- The first condition checks if the response body contains the following HTML code: <a href="/out/out.ViewFolder.php">SeedDMS</a> or <a href="../out/out.ViewFolder.php?folderid=1">SeedDMS</a>. This indicates the presence of the SeedDMS login panel. - The second condition checks if the response status is 200, indicating a successful request.

Both conditions must be met for the module to detect the SeedDMS login panel.