Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Sicom MGRNG - Administrative Login Found

By kannthu

Informative
Vidoc logoVidoc Module
#sicom#mgrng#panel
Description

Sicom MGRNG - Administrative Login Found

What is the "Sicom MGRNG - Administrative Login Found?"

The "Sicom MGRNG - Administrative Login Found" module is designed to detect the presence of the administrative login page for the Sicom MGRNG software. Sicom MGRNG is a management panel used for administrative purposes. This module focuses on identifying potential misconfigurations or vulnerabilities related to the login functionality of the Sicom MGRNG software.

The severity of this module is classified as informative, indicating that it provides valuable information about the presence of the administrative login page but does not directly indicate a security vulnerability.

This module was authored by sullo.

Impact

The impact of finding the Sicom MGRNG administrative login page is primarily informational. It signifies that the login functionality for the Sicom MGRNG software is accessible and potentially exposed to unauthorized access. However, the module does not provide specific details about any vulnerabilities or misconfigurations that may exist within the login page.

How the module works?

The "Sicom MGRNG - Administrative Login Found" module operates by sending a GET request to the "/~sicom/mgrng/LoginForm.php" path. It then applies two matching conditions to determine if the login page is present:

    - The module checks the response status code, expecting a 200 status code to indicate a successful response. - It also searches for the presence of the "" string within the response body, indicating the presence of the login page.

If both matching conditions are met, the module reports the discovery of the Sicom MGRNG administrative login page.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/~sicom/mgrng/LoginF...
Matching conditions
status: 200and
word: <title>MGRNG Login</title>
Passive global matcher
No matching conditions.
On match action
Report vulnerability