Pega Infinity Login Panel - Detect

What is the "Pega Infinity Login Panel - Detect" module?

The "Pega Infinity Login Panel - Detect" module is designed to detect the presence of the Pega Infinity login panel. Pega Infinity is a software platform that offers a range of capabilities for building and deploying enterprise applications. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: powerexploit, righettod

Impact

This module does not have a direct impact on the target system. It is purely informational and aims to identify the presence of the Pega Infinity login panel.

How does the module work?

The module works by sending an HTTP GET request to the "/prweb/PRAuth/app/default/" path of the target system. It then applies matching conditions to determine if the Pega Infinity login panel is present.

The matching conditions include:

- Checking for specific words in the response body, such as "alt="Pega Infinity", "alt="Pega Logo", "id = "pegaLogin", and "Pega Platform". - Verifying that the HTTP response status is 200 (OK).

If both conditions are met, the module reports the detection of the Pega Infinity login panel.

Example HTTP request:

GET /prweb/PRAuth/app/default/ HTTP/1.1
Host: [target system]

Note: The actual target system should be replaced with the appropriate hostname or IP address.