Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The SAP NetWeaver WebGUI Detection module is designed to identify misconfigurations or potential vulnerabilities in the SAP NetWeaver ABAP Webserver WebGUI. The WebGUI is a web-based user interface for SAP applications. This module is an informative test that helps users assess the security of their SAP NetWeaver WebGUI installations.
This module has a severity level of informative, which means it provides valuable information about the target system but does not actively exploit any vulnerabilities.
This module does not have any direct impact on the target system. It only provides information about potential misconfigurations or vulnerabilities in the SAP NetWeaver WebGUI.
The SAP NetWeaver WebGUI Detection module works by sending a GET request to the "/sap/bc/gui/sap/its/webgui" path of the target system. It then analyzes the response body for specific patterns that indicate the presence of the SAP NetWeaver WebGUI.
The module uses the following matching conditions:
- The response body must contain the word "sap-system-login" or the HTML title tag "".If both conditions are met, the module considers the SAP NetWeaver WebGUI to be present on the target system.
By running this module, users can gain insights into the configuration and potential vulnerabilities of their SAP NetWeaver WebGUI installations.