pfSense Login Panel - Detect

What is the "pfSense Login Panel - Detect?"

The "pfSense Login Panel - Detect" module is designed to detect the presence of the pfSense login panel. pfSense is an open-source firewall and routing platform that provides a web-based interface for managing network security. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

This module was authored by idealphase.

Impact

The detection of the pfSense login panel does not have a direct impact on the security of the system. It simply indicates the presence of the login panel, which is a normal component of the pfSense firewall and routing platform.

How does the module work?

The "pfSense Login Panel - Detect" module works by sending HTTP requests to the target system and analyzing the responses. It uses specific matching conditions to determine if the target system has the pfSense login panel.

One of the matching conditions is checking the response body for the presence of the "<title>pfSense - Login</title>" HTML tag. This tag is typically found in the HTML source code of the pfSense login panel page.

Another matching condition is checking the HTTP status code of the response. In this case, the module expects a status code of 200, indicating a successful response.

By combining these matching conditions, the module can accurately detect the presence of the pfSense login panel.

Example HTTP request:

GET / HTTP/1.1
Host: example.com

The module also provides additional metadata, such as the maximum number of requests to be sent and a Shodan query for further investigation.

It's important to note that this module only detects the presence of the pfSense login panel and does not perform any vulnerability scanning or configuration checks.