Entrust IdentityGuard Self-Service Login Panel - Detect

What is the "Entrust IdentityGuard Self-Service Login Panel - Detect?" module?

The "Entrust IdentityGuard Self-Service Login Panel - Detect" module is designed to detect the presence of the Entrust IdentityGuard Self-Service login panel. This module focuses on identifying misconfigurations, vulnerabilities, or specific software fingerprints related to the login panel.

The severity of this module is classified as informative, meaning it provides valuable information without indicating a critical security issue.

This module was authored by nodauf.

Impact

This module does not directly impact the system or application being scanned. Instead, it provides information about the presence of the Entrust IdentityGuard Self-Service login panel, allowing users to assess the security posture of their system.

How does the module work?

The module utilizes HTTP request templates and matching conditions to identify the Entrust IdentityGuard Self-Service login panel. It employs a specific matcher that checks if the response body contains the term "identityguardselfservice".

Here is an example of an HTTP request that the module may send:

GET /path/to/login HTTP/1.1
Host: example.com
User-Agent: Vidoc-Scanner

The module matches the response of this request against the defined conditions to determine if the Entrust IdentityGuard Self-Service login panel is present.

The matching condition for this module is:

contains(toLower(body),`identityguardselfservice`)

This condition checks if the response body, converted to lowercase, contains the term "identityguardselfservice". If the condition is met, the module reports the detection of the login panel.

The module also includes metadata, such as the maximum number of requests to be sent (max-request: 1).