Telerik Report Server Login Panel - Detect

What is the "Telerik Report Server Login Panel - Detect?" module?

The "Telerik Report Server Login Panel - Detect" module is designed to detect the presence of the Telerik Report Server login panel. Telerik Report Server is a software that allows users to create, view, and manage reports. This module focuses on identifying potential misconfigurations or vulnerabilities related to the login panel of the Telerik Report Server.

This module has an informative severity level, which means it provides valuable information but does not indicate an immediate security threat.

Author: ritikchaddha

Impact

The impact of detecting the Telerik Report Server login panel is primarily related to potential misconfigurations or vulnerabilities that may exist within the login panel. This module aims to identify any issues that could potentially compromise the security or functionality of the login panel.

How does the module work?

The module works by sending an HTTP GET request to the "/Account/Login" path of the target website. It then applies matching conditions to determine if the response indicates the presence of the Telerik Report Server login panel.

The matching conditions used in this module are:

- Matcher 1: The response must contain the words "Telerik Report Server". - Matcher 2: The response status code must be 200 (OK).

If both matching conditions are met, the module considers the Telerik Report Server login panel to be detected.

Example HTTP request:

GET /Account/Login

Note: The actual HTTP request may contain additional headers or parameters, but those details are not specified in the module definition.