Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Fortinet FortiTester Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#fortinet
Description

What is the "Fortinet FortiTester Login Panel - Detect" module?

The "Fortinet FortiTester Login Panel - Detect" module is designed to detect the presence of the Fortinet FortiTester login panel. FortiTester is a software tool developed by Fortinet that allows users to test the performance and security of their network infrastructure. This module specifically focuses on detecting the login panel, which is an important component of the FortiTester software.

This module is categorized as informative, meaning it provides valuable information about the target system but does not indicate any specific vulnerabilities or misconfigurations.

Impact

This module does not have any direct impact on the target system. It simply detects the presence of the Fortinet FortiTester login panel, providing information to the user about the availability of this component.

How the module works?

The "Fortinet FortiTester Login Panel - Detect" module works by sending HTTP requests to specific paths on the target system. It checks for several matching conditions to determine if the FortiTester login panel is present.

Here is an example of an HTTP request sent by this module:

GET /auth/login HTTP/1.1
Host: [target_host]

The module uses the following matching conditions to identify the FortiTester login panel:

- The response body must contain the HTML title tag "<title>FortiTester</title>". - The response headers must include the content type "text/html". - The response status code must be "200" (OK).

If all of these conditions are met, the module considers the FortiTester login panel to be present on the target system.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/auth/login/index.html
Matching conditions
word: <title>FortiTester</title>and
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability