Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "SAP HANA XS Engine Admin Login Panel - Detect" module is designed to detect the presence of the SAP HANA XS Engine admin login panel. This module targets the SAP HANA XS Engine, which is a component of the SAP HANA database system. The severity of this module is classified as informative, meaning it provides information about the presence of the admin login panel but does not indicate any specific vulnerability or misconfiguration. The original author of this module is PR3R00T.
This module does not have any direct impact on the system. It simply detects the presence of the SAP HANA XS Engine admin login panel, providing information about its existence.
The module works by sending an HTTP GET request to the "/sap/hana/xs/formLogin/login.html" path. It then checks the response body for the presence of the "/sap/hana/xs/formLogin/images/sap.png" word. If this word is found, the module considers the admin login panel to be present.
Example HTTP request:
GET /sap/hana/xs/formLogin/login.html
The module uses a word matcher to check if the response body contains the "/sap/hana/xs/formLogin/images/sap.png" word. If the word is found, the module reports the detection of the admin login panel.