Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

XXLJOB Admin Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#xxljob#login
Description

What is the "XXLJOB Admin Login Panel - Detect?"

The "XXLJOB Admin Login Panel - Detect" module is designed to detect the presence of the XXLJOB admin login panel. XXLJOB is a software that provides job scheduling and management capabilities. This module focuses on identifying the login panel specifically.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by pdteam, daffainfo, and ritikchaddha.

Impact

The impact of detecting the XXLJOB admin login panel is primarily informational. It indicates that the login panel is accessible and can be used for authentication purposes. However, it does not imply any security vulnerabilities or misconfigurations.

How does the module work?

The module works by sending HTTP requests to specific paths associated with the XXLJOB admin login panel. It then applies matching conditions to determine if the panel is present.

For example, one of the HTTP requests sent by the module is a GET request to the "/xxl-job-admin/toLogin" and "/toLogin" paths. The module checks the response body for the presence of the "XXLJOB" string and verifies that the response status is 200.

The matching conditions used by the module are:

- Matcher 1: Check if the response body contains the "XXLJOB" string. - Matcher 2: Check if the response status is 200.

The module considers both matchers to be true if they are met simultaneously.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/xxl-job-admin/toLog.../toLogin
Matching conditions
word: <a><b>XXL</b>JOB</a>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability