Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "ZOHO ManageEngine APEX IT Help-Desk Panel - Detect" module is designed to detect the presence of the ZOHO ManageEngine APEX panel. This module focuses on identifying misconfigurations or vulnerabilities related to the APEX IT Help Desk software. The severity of the module is classified as informative, meaning it provides valuable information without posing an immediate threat. The original author of this module is dhiyaneshDK.
As an informative module, the "ZOHO ManageEngine APEX IT Help-Desk Panel - Detect" does not directly impact the target system. Instead, it helps identify potential misconfigurations or vulnerabilities that could be exploited by attackers. By detecting the presence of the APEX IT Help Desk panel, system administrators can take appropriate actions to secure their systems and prevent potential security incidents.
The module works by sending an HTTP request to the target system and analyzing the response. It uses specific matching conditions to determine if the APEX IT Help Desk panel is present. The module's HTTP request template targets the "/jsp/index.jsp" path using the GET method. It then applies two matching conditions:
If both matching conditions are met, the module reports the detection of the ZOHO ManageEngine APEX panel.
For example, the module's HTTP request would look like this:
GET /jsp/index.jsp
The module's matching conditions:
- Matcher 1: Check if the response contains the <title>APEX IT Help Desk</title> HTML tag.
- Matcher 2: Verify that the response status is 200.
By analyzing the response based on these matching conditions, the module determines if the APEX IT Help Desk panel is present on the target system.