Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "XXLJOB Admin Login Panel - Detect" module is designed to detect the presence of the XXLJOB admin login panel. XXLJOB is a software that provides job scheduling and management capabilities. This module focuses on identifying the login panel specifically.
The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.
This module was authored by pdteam, daffainfo, and ritikchaddha.
The impact of detecting the XXLJOB admin login panel is primarily informational. It indicates that the login panel is accessible and can be used for authentication purposes. However, it does not imply any security vulnerabilities or misconfigurations.
The module works by sending HTTP requests to specific paths associated with the XXLJOB admin login panel. It then applies matching conditions to determine if the panel is present.
For example, one of the HTTP requests sent by the module is a GET request to the "/xxl-job-admin/toLogin" and "/toLogin" paths. The module checks the response body for the presence of the "XXLJOB" string and verifies that the response status is 200.
The matching conditions used by the module are:
- Matcher 1: Check if the response body contains the "XXLJOB" string. - Matcher 2: Check if the response status is 200.The module considers both matchers to be true if they are met simultaneously.