Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Fortinet FortiWeb Login Panel - Detect" module is designed to detect the presence of the Fortinet FortiWeb login panel. Fortinet FortiWeb is a web application firewall that provides protection against various web-based attacks. This module focuses on identifying the login panel specifically.
This module is classified as informative, meaning it provides valuable information about the target system but does not indicate any immediate vulnerabilities or misconfigurations.
Author: PR3R00T
The detection of the Fortinet FortiWeb login panel does not directly indicate any impact or vulnerability. It simply confirms the presence of the login panel, which can be used for further analysis or security assessments.
The module works by sending a GET request to the "/login" path of the target system. It then applies matching conditions to determine if the Fortinet FortiWeb login panel is present.
The matching conditions include:
- Checking the response body for specific words such as "Please login", "ftnt-fortinet-grid", and "main-fortiweb.css". - Verifying that the response status code is 200 (OK).If both conditions are met, the module reports the detection of the Fortinet FortiWeb login panel.
Example HTTP request:
GET /login
Note: The actual module definition is not shown here for simplicity.