Zabbix Panel - Detect

What is the "Zabbix Panel - Detect" module?

The "Zabbix Panel - Detect" module is designed to detect the presence of the Zabbix panel. Zabbix is a monitoring software that allows users to track the performance and availability of network devices, servers, and applications. This module focuses on identifying instances of the Zabbix panel and provides information about its configuration.

This module has an informative severity level, which means it provides valuable insights but does not indicate a critical vulnerability or misconfiguration.

Author: dhiyaneshDK

Impact

The impact of detecting the Zabbix panel is primarily informational. It helps security professionals gain visibility into the presence of Zabbix installations within a target environment. This information can be used to assess the overall security posture and identify potential areas of concern.

How does the module work?

The "Zabbix Panel - Detect" module utilizes HTTP request templates and matching conditions to identify instances of the Zabbix panel. It performs the following checks:

- Checks if the response contains the HTML title tag with the content "Warning [refreshed every 30 sec.]" - Verifies that the HTTP response status is 200 (OK)

If both conditions are met, the module considers the target as having a Zabbix panel.

Example HTTP request:

GET / HTTP/1.1
Host: [target]

The module sends an HTTP GET request to the target and analyzes the response to determine if it matches the defined conditions.

Note: The module definition provided in the JSON format contains additional technical details and configuration parameters.