Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Wazuh Login Panel" module is designed to detect the presence of the Wazuh open-source security platform's login panel. Wazuh is a comprehensive security solution that helps organizations monitor and protect their IT infrastructure. This module focuses on identifying the login panel, which can provide valuable insights into the security posture of the Wazuh installation.
This module has an informative severity level, meaning it provides valuable information but does not indicate a critical vulnerability or misconfiguration.
Author: cyllective, daffainfo
This module does not directly impact the target system. It is primarily used for information gathering purposes and does not pose any immediate security risks or vulnerabilities.
The "Wazuh Login Panel" module works by sending a GET request to the "/app/login" path of the target system. It then applies two matching conditions to determine if the login panel is present:
If both matching conditions are met, the module considers the Wazuh login panel to be present on the target system.
Example HTTP request:
GET /app/login
Matching conditions:
- Response body contains the words:"id":"wazuh"
, "title":"Wazuh"
, "icon":"plugins/wazuh/img/icon_blue.png"
, and "url":"/app/wazuh"
- Response status code is 200
By analyzing the presence of the Wazuh login panel, organizations can gain insights into the security measures implemented by the Wazuh platform and ensure its proper configuration.
Reference: https://github.com/wazuh/wazuh
Metadata: max-request: 1, shodan-query: http.title:"Wazuh"