SGP Login Panel - Detect

What is the "SGP Login Panel - Detect?"

The "SGP Login Panel - Detect" module is designed to detect the presence of the SGP login panel. This module is used to identify potential misconfigurations or vulnerabilities in the login panel of the SGP software. The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat. The original author of this module is dhiyaneshDK.

Impact

This module does not have a direct impact on the system or software being scanned. Instead, it provides information about the presence of the SGP login panel, which can help identify potential security risks or misconfigurations.

How does the module work?

The "SGP Login Panel - Detect" module works by sending an HTTP GET request to the "/accounts/login?next=/admin/" path. It then applies two matching conditions to determine if the SGP login panel is present:

- The module checks if the response contains the HTML title tag "<title>SGP</title>". - The module verifies that the response status is 200, indicating a successful request.

If both conditions are met, the module reports the detection of the SGP login panel.

Classification:

CWE-ID: CWE-200

CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Metadata:

max-request: 1

shodan-query: http.title:"SGP"