Submitty Login Panel - Detect

What is the "Submitty Login Panel - Detect" module?

The "Submitty Login Panel - Detect" module is designed to detect the presence of the Submitty login panel. Submitty is an open-source software used for online course management. This module focuses on identifying any misconfigurations or vulnerabilities related to the Submitty login panel. The severity of this module is classified as informative, meaning it provides valuable information without indicating a critical security issue. The original author of this module is not specified.

Impact

This module does not have a direct impact on the target system. Instead, it provides information about the presence or absence of the Submitty login panel, which can be used to assess the security posture of the system.

How the module works?

The "Submitty Login Panel - Detect" module works by sending an HTTP GET request to the "/authentication/login" path of the target system. It then applies two matching conditions to determine if the Submitty login panel is present:

- The module checks the response body for the presence of the "submitty-banner" and "https://submitty.org" keywords. If both keywords are found, it indicates the presence of the Submitty login panel. - The module also verifies that the HTTP response status code is 200, indicating a successful request. This condition ensures that the target system is accessible and responsive.

If both matching conditions are met, the module reports a successful detection of the Submitty login panel.