BeyondTrust Login Panel - Detect

What is the "BeyondTrust Login Panel - Detect?"

The "BeyondTrust Login Panel - Detect" module is designed to detect the presence of the BeyondTrust login panel. BeyondTrust is a software solution that provides privileged access management (PAM) capabilities. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a critical vulnerability or misconfiguration.

Author: r3dg33k, nuk3s3c

Impact

The impact of detecting the BeyondTrust login panel is primarily informational. It signifies the presence of the login panel, but it does not indicate any immediate security risks or vulnerabilities.

How does the module work?

The module works by sending an HTTP GET request to the "/WebConsole/" path and analyzing the response body. It looks for the presence of the "" tag within the response body as a matching condition.

Example HTTP request:

GET /WebConsole/ HTTP/1.1
Host: [target_host]

The matching condition checks if the response body contains the "" tag. If the condition is met, the module reports the detection of the BeyondTrust login panel.

Metadata:

- max-request: 1 - shodan-query: http.html:"BeyondInsight"