Kronos Workforce Central Login Panel - Detect

ID: kronos-workforce-central

Severity: info

Author: emadshanab,missing0x00

Tags: panel,kronos

Description

Kronos Workforce Central login panel was detected.

YAML Source

id: kronos-workforce-central

info:
  name: Kronos Workforce Central Login Panel - Detect
  author: emadshanab,missing0x00
  severity: info
  description: Kronos Workforce Central login panel was detected.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-200
  metadata:
    max-request: 2
  tags: panel,kronos

http:
  - method: GET
    path:
      - '{{BaseURL}}/wfc/portal'
      - '{{BaseURL}}/wfc/logon'

    stop-at-first-match: true

    matchers:
      - type: regex
        regex:
          - 'Kronos'
          - 'Workforce Central(R)'
        condition: or
# digest: 4b0a00483046022100e953929e750d43934763ba1710c86420038fb11521de9e19e455b325a040365f0221008c579dd33e8a3d66392dc536ced2dd8fa7ac2cad85d3e402c6a16e71adc4a108:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/exposed-panels/kronos-workforce-central.yaml"

View on Github