Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Zipkin Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#zipkin
Description

What is the "Zipkin Login Panel - Detect?"

The "Zipkin Login Panel - Detect" module is designed to detect the presence of the Zipkin login panel. Zipkin is a distributed tracing system that helps gather timing data for requests made in a microservices architecture. This module focuses on identifying the login panel specifically.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by pdteam.

Impact

The impact of detecting the Zipkin login panel is primarily informational. It does not indicate any immediate security risks or vulnerabilities. Instead, it provides insights into the presence of the login panel, which can be useful for further analysis and configuration management.

How does the module work?

The "Zipkin Login Panel - Detect" module works by sending an HTTP GET request to the "/zipkin/" path. It then examines the response body for the presence of the string "webpackJsonpzipkin-lens" using a word matching condition.

Here is an example of the HTTP request:

GET /zipkin/ HTTP/1.1
Host: [target host]

The module's matching condition checks if the response body contains the specified string "webpackJsonpzipkin-lens". If a match is found, the module reports the detection of the Zipkin login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/zipkin/
Matching conditions
word: webpackJsonpzipkin-lens
Passive global matcher
No matching conditions.
On match action
Report vulnerability