Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Fortinet FortiWeb Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#fortinet#fortiweb#login
Description

What is the "Fortinet FortiWeb Login Panel - Detect?"

The "Fortinet FortiWeb Login Panel - Detect" module is designed to detect the presence of the Fortinet FortiWeb login panel. Fortinet FortiWeb is a web application firewall that provides protection against various web-based attacks. This module focuses on identifying the login panel specifically.

This module is classified as informative, meaning it provides valuable information about the target system but does not indicate any immediate vulnerabilities or misconfigurations.

Author: PR3R00T

Impact

The detection of the Fortinet FortiWeb login panel does not directly indicate any impact or vulnerability. It simply confirms the presence of the login panel, which can be used for further analysis or security assessments.

How does the module work?

The module works by sending a GET request to the "/login" path of the target system. It then applies matching conditions to determine if the Fortinet FortiWeb login panel is present.

The matching conditions include:

- Checking the response body for specific words such as "Please login", "ftnt-fortinet-grid", and "main-fortiweb.css". - Verifying that the response status code is 200 (OK).

If both conditions are met, the module reports the detection of the Fortinet FortiWeb login panel.

Example HTTP request:

GET /login

Note: The actual module definition is not shown here for simplicity.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login
Matching conditions
word: Please login, ftnt-fortinet-grid, main-f...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability