Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

SGP Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#sgp
Description

What is the "SGP Login Panel - Detect?"

The "SGP Login Panel - Detect" module is designed to detect the presence of the SGP login panel. This module is used to identify potential misconfigurations or vulnerabilities in the login panel of the SGP software. The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat. The original author of this module is dhiyaneshDK.

Impact

This module does not have a direct impact on the system or software being scanned. Instead, it provides information about the presence of the SGP login panel, which can help identify potential security risks or misconfigurations.

How does the module work?

The "SGP Login Panel - Detect" module works by sending an HTTP GET request to the "/accounts/login?next=/admin/" path. It then applies two matching conditions to determine if the SGP login panel is present:

- The module checks if the response contains the HTML title tag "<title>SGP</title>". - The module verifies that the response status is 200, indicating a successful request.

If both conditions are met, the module reports the detection of the SGP login panel.

Classification:

CWE-ID: CWE-200

CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Metadata:

max-request: 1

shodan-query: http.title:"SGP"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/accounts/login?next...
Matching conditions
word: <title>SGP</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability