Zipkin Login Panel - Detect

What is the "Zipkin Login Panel - Detect?"

The "Zipkin Login Panel - Detect" module is designed to detect the presence of the Zipkin login panel. Zipkin is a distributed tracing system that helps gather timing data for requests made in a microservices architecture. This module focuses on identifying the login panel specifically.

The severity of this module is classified as informative, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by pdteam.

Impact

The impact of detecting the Zipkin login panel is primarily informational. It does not indicate any immediate security risks or vulnerabilities. Instead, it provides insights into the presence of the login panel, which can be useful for further analysis and configuration management.

How does the module work?

The "Zipkin Login Panel - Detect" module works by sending an HTTP GET request to the "/zipkin/" path. It then examines the response body for the presence of the string "webpackJsonpzipkin-lens" using a word matching condition.

Here is an example of the HTTP request:

GET /zipkin/ HTTP/1.1
Host: [target host]

The module's matching condition checks if the response body contains the specified string "webpackJsonpzipkin-lens". If a match is found, the module reports the detection of the Zipkin login panel.