Lansweeper Login Panel - Detect

What is the "Lansweeper Login Panel - Detect?"

The "Lansweeper Login Panel - Detect" module is designed to detect the presence of the login panel for Lansweeper, a software used for IT asset management and network inventory. This module focuses on identifying the login panel and does not perform any further actions. The severity of this module is classified as informative, meaning it provides valuable information but does not pose a direct security risk. The original author of this module is divya_mudgal.

Impact

This module does not have any direct impact as it only detects the presence of the Lansweeper login panel. However, the information obtained from this detection can be used to assess the security posture of the Lansweeper installation and potentially identify any misconfigurations or vulnerabilities.

How does the module work?

The module works by sending a GET request to the "/login.aspx" path of the target Lansweeper instance. It then applies two matching conditions to determine if the login panel is present:

- The first matcher checks if the response body contains the phrase "Lansweeper - Login". - The second matcher verifies that the response status code is 200, indicating a successful request.

If both matching conditions are met, the module reports the detection of the Lansweeper login panel.

Example HTTP request:

GET /login.aspx

The module does not perform any further actions beyond detecting the login panel.