Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Fiori Launchpad Login Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "Fiori Launchpad Login Panel - Detect" module?

The "Fiori Launchpad Login Panel - Detect" module is designed to detect the presence of the Fiori Launchpad login panel. It targets the Fiori Launchpad software and aims to identify any misconfigurations or vulnerabilities related to the login panel. The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat.

This module was authored by dhiyaneshDK.


The detection of the Fiori Launchpad login panel does not directly indicate any impact or risk. However, it can help identify potential security weaknesses or configuration issues that may require further investigation and remediation.

How does the module work?

The "Fiori Launchpad Login Panel - Detect" module utilizes HTTP request templates and matching conditions to identify the presence of the login panel. It sends a GET request to the "/sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2=disabled" path and applies the following matching conditions:

- The response body must contain the words "<title>Logon</title>" and "fioriLogin". - The response status code must be 200.

If both conditions are met, the module considers the Fiori Launchpad login panel to be detected.

Example HTTP request:

GET /sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2=disabled

The module then reports the detection of the login panel as an informative finding.

For more information, you can refer to the reference.


max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: <title>Logon</title>, fioriLoginand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability