Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Fortinet FortiNAC Login Panel - Detect" module is designed to detect the presence of the Fortinet FortiNAC login panel. Fortinet FortiNAC is a network access control solution that helps organizations secure their networks by enforcing policies and monitoring network access. This module focuses on identifying the login panel, which can provide valuable information about the presence of the FortiNAC solution.
This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.
This module was authored by johnk3r.
The detection of the Fortinet FortiNAC login panel does not directly indicate any impact or risk. It simply provides information about the presence of the login panel, which can be useful for further analysis and assessment of the network security posture.
The module works by sending an HTTP GET request to the "/WelcomeActions.jsp?action=ajaxGetWelcomeViewInfo" endpoint. It then applies two matching conditions to determine if the FortiNAC login panel is present:
- The response body must contain the words "FortiNAC" and "\"product\":". - The response status code must be 200.If both conditions are met, the module considers the Fortinet FortiNAC login panel to be detected.
Here is an example of the HTTP request sent by the module:
GET /WelcomeActions.jsp?action=ajaxGetWelcomeViewInfo
The module does not perform any further actions or exploit any vulnerabilities. It solely focuses on detecting the presence of the login panel.