id: reportico-admin-panel

info:
  name: Reportico Administration Page - Detect
  author: geeknik
  severity: info
  description: |
    Create a simple report using the designer front end in seconds from a single SQL statement. Add expressions, user criteria, charts, groups, aggregations, page headers, page footers, hyperlinks and even custom plugin code.
  reference:
    - https://www.reportico.org/site2/index.php
    - https://github.com/reportico-web/reportico
  metadata:
    verified: true
    max-request: 2
    shodan-query: title:"Reportico Administration Page"
  tags: panel,reportico,login,detect

http:
  - method: GET
    path:
      - "{{BaseURL}}/run.php?project=admin&execute_mode=ADMIN&clear_session=1"
      - "{{BaseURL}}/reportico/run.php?project=admin&execute_mode=ADMIN&clear_session=1"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Reportico Administration"
          - "reportico_"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502205cbf096783923be30091bd2281d4ae09c99f1cb1a6715b9cd850c27f2aea2828022100ef7fcfb69f5d91b3854635d9ff654da280dbd9185cab34501b04de8c3cd7aff0:922c64590222798bb761d5b6d8e72950