Netsparker Login Panel - Detect

By kannthu

Informative
Vidoc Module
#panel #netsparker
Description

What is the "Netsparker Login Panel - Detect" module?

The "Netsparker Login Panel - Detect" module is designed to detect the presence of the Netsparker login panel. Netsparker is software used for web application security scanning and vulnerability assessment. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a critical vulnerability or misconfiguration.

This module was authored by pussycat0x.

Impact

The impact of detecting the Netsparker login panel is primarily informational. It does not indicate any immediate security risks or vulnerabilities. However, it can provide insights into the presence of Netsparker within the target system, which may be useful for further security assessments.

How does the module work?

The module works by sending an HTTP GET request to the "/account/signin?ReturnUrl=%2f" path of the target system. It then applies two matching conditions to determine if the Netsparker login panel is present:

- The module checks the response body for the presence of the words "Netsparker Ltd" and "Netsparker Enterprise".
- It also verifies that the response status code is 200 (OK).

If both conditions are met, the module considers the Netsparker login panel to be detected.

For example, the module may send the following HTTP request:

GET /account/signin?ReturnUrl=%2f HTTP/1.1
Host: [target host]

The matching conditions ensure that the response body contains the specified words and the response status code is 200.
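
The two matching conditions above, evaluated offline against constructed responses, as an added example (not the module's own code). The function names, the sample responses and the case-sensitive comparison are assumptions; the verdict lists which condition failed, which helps when reviewing why a host in your own inventory did or did not match.

```python
# Added example: offline evaluation of the module's two matching conditions.
# All sample responses below are constructed for illustration.
from dataclasses import dataclass

REQUIRED_WORDS = ("Netsparker Ltd", "Netsparker Enterprise")  # from the module
REQUIRED_STATUS = 200                                          # from the module


@dataclass
class Verdict:
    detected: bool
    failed: list  # names of the conditions that did not hold


def parse_response(raw: str):
    """Split a raw HTTP/1.x response into (status_code, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line = head.split("\r\n", 1)[0]  # e.g. "HTTP/1.1 200 OK"
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"malformed status line: {status_line!r}")
    return int(parts[1]), body


def evaluate(raw: str) -> Verdict:
    """Apply the word AND status matchers; report every condition that failed."""
    status, body = parse_response(raw)
    # Case-sensitive substring match (assumption about matcher behaviour).
    failed = [f"word:{w}" for w in REQUIRED_WORDS if w not in body]
    if status != REQUIRED_STATUS:
        failed.append(f"status:{status}")
    return Verdict(detected=not failed, failed=failed)


# Constructed responses: a matching panel, a redirect, and a partial match.
PANEL = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
         "<title>Sign in to Netsparker Enterprise</title>"
         "<footer>Copyright Netsparker Ltd</footer>")
REDIRECT = ("HTTP/1.1 302 Found\r\nLocation: /login\r\n\r\n"
            "Netsparker Enterprise Netsparker Ltd")
PARTIAL = "HTTP/1.1 200 OK\r\n\r\n<title>Netsparker Enterprise docs mirror</title>"

if __name__ == "__main__":
    for name, raw in (("panel", PANEL), ("redirect", REDIRECT), ("partial", PARTIAL)):
        print(name, evaluate(raw))
```
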

For more information, you can visit the Invicti website.

Metadata:

- Max-request: 1
- Verified: true
- Shodan-query: http.title:"Sign in to Netsparker Enter"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /account/signin?Retu...
Matching conditions
word: Netsparker Ltd, Netsparker Enterprise
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability