Checkpoint Login Panel - Detect

What is the "Checkpoint Login Panel - Detect?"

The "Checkpoint Login Panel - Detect" module is designed to detect the presence of the Checkpoint login panel. Checkpoint is a software developed by Check Point Software Technologies Ltd. This module focuses on identifying the login panel and does not perform any further actions. The severity of this module is classified as informative, meaning it provides valuable information but does not pose a direct security risk. The original author of this module is 0x240x23elu.

Impact

This module does not have any direct impact as it only detects the presence of the Checkpoint login panel. However, the information gathered can be used to assess the security posture of the system and identify potential vulnerabilities or misconfigurations.

How does the module work?

The "Checkpoint Login Panel - Detect" module works by sending HTTP requests to specific paths ("/sslvpn/Login/Login" and "/Login/Login") and then applying matching conditions to determine if the Checkpoint login panel is present. The module uses the following matching conditions:

- Status: The response status code must be 200. - Body: The response body must contain the following words: "Check Point Software Technologies Ltd. All rights reserved." and "/Login/images/CompanyLogo.png". - Header: The response header must contain the word "text/html".

If all the matching conditions are met, the module considers the Checkpoint login panel to be detected. The module does not perform any further actions beyond reporting the detection.

Example HTTP request:

GET /sslvpn/Login/Login

Note: The above example is a simplified representation of the HTTP request and does not include headers or other details.