Bomgar Login Panel - Detect

By kannthu

Informative

Vidoc Module

#panel#bomgar#beyondtrust

Description

What is the "Bomgar Login Panel - Detect?"

The "Bomgar Login Panel - Detect" module is designed to detect the presence of the Bomgar Login panel. Bomgar is a software solution that provides secure remote support and privileged access management. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: pdteam

Impact

The impact of detecting the Bomgar Login panel is primarily informational. It helps users identify the presence of the login panel, which can be useful for understanding the remote support capabilities and access management of a system.

How does the module work?

The "Bomgar Login Panel - Detect" module works by sending HTTP requests to specific paths on the target system. It checks for two matching conditions:

- The response status code is 200, indicating a successful request. - The response body contains the term "bomgar" (case-insensitive), indicating the presence of the Bomgar software.

If both conditions are met, the module considers the Bomgar Login panel to be detected.

Example HTTP request:

GET /appliance/login.ns

The module does not perform any actions beyond detecting the login panel. It is a standalone test case within the Vidoc platform.

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET/favicon.ico/appliance/login.ns

Matching conditions

dsl: status_code==200, (`829321644` == mmh3(b...or

dsl: status_code==200, contains(toLower(body)...

Passive global matcher

No matching conditions.

On match action

Report vulnerability