Sphider Admin Login Panel - Detect

What is the "Sphider Admin Login Panel - Detect?"

The "Sphider Admin Login Panel - Detect" module is designed to detect the presence of the Sphider admin login panel. Sphider is a web search engine software that allows users to create search functionality on their websites. This module focuses on identifying the admin login panel of Sphider.

This module has an informative severity level, meaning it provides valuable information but does not pose an immediate threat.

Author: dhiyaneshDK

Impact

The detection of the Sphider admin login panel does not directly indicate any impact or vulnerability. However, it can be a useful piece of information for security professionals and website administrators to assess the security posture of their Sphider installation.

How does the module work?

The module works by sending HTTP requests to specific paths commonly associated with the Sphider admin login panel. The paths include "/admin/spider.php", "/sphider/admin/admin.php", and "/search/admin/admin.php".

The module then applies matching conditions to the responses received from these paths. It checks if the response contains the HTML title tag "" and if the response status is 200 (OK).

Example HTTP request:

GET /admin/spider.php

Matching conditions:

- The response must contain the HTML title tag "<title>Sphider Admin Login</title>". - The response status must be 200 (OK).

The module uses these matching conditions to determine if the Sphider admin login panel is present.

Reference: https://www.exploit-db.com/ghdb/6641

Metadata: max-request: 3