Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Fiori Launchpad Login Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "Fiori Launchpad Login Panel - Detect?"

The "Fiori Launchpad Login Panel - Detect" module is designed to detect the presence of the Fiori Launchpad login panel. It targets the SAP Fiori Launchpad, which is a web-based entry point for SAP business applications. This module is used to identify any misconfigurations or vulnerabilities related to the login panel.

This module has an informative severity level, which means it provides valuable information but does not indicate a critical security issue.


This module does not have a direct impact on the system. Instead, it helps identify potential security risks or misconfigurations related to the Fiori Launchpad login panel. By detecting these issues, system administrators can take appropriate actions to mitigate any potential risks and ensure the secure operation of the SAP Fiori Launchpad.

How the module works?

The "Fiori Launchpad Login Panel - Detect" module works by sending an HTTP GET request to the "/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html" path of the SAP Fiori Launchpad. It then applies a set of matching conditions to determine if the login panel is present and if the response meets the expected criteria.

The matching conditions for this module include:

- The presence of the "<title>Logon</title>" and "SAP SE" keywords in the response body. - The response header containing the "text/html" content type. - The HTTP status code being 200 (OK).

If all of these conditions are met, the module considers the Fiori Launchpad login panel to be detected.

System administrators can use the results of this module to ensure that the Fiori Launchpad login panel is properly configured and secure.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: <title>Logon</title>, SAP SEand
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability