SAP Web Dispatcher admin portal detection

By kannthu

Informative
Vidoc Module
#sap #webserver #proxy #tech
Description

SAP Web Dispatcher admin portal detection

What is the "SAP Web Dispatcher admin portal detection"?

The "SAP Web Dispatcher admin portal detection" module is designed to detect the presence of the SAP Web Dispatcher Admin Portal. This module focuses on identifying misconfigurations or vulnerabilities related to the SAP Web Dispatcher software. The severity of the findings is informative, meaning it provides valuable information but does not indicate a critical security issue. The original author of this module is randomstr1ng.

Impact

The impact of the SAP Web Dispatcher admin portal detection module is primarily informational. It helps identify potential misconfigurations or vulnerabilities in the SAP Web Dispatcher Admin Portal, allowing administrators to take appropriate actions to secure their systems.

How does the module work?

The module works by sending HTTP requests to specific paths and analyzing the responses for matching conditions. In the case of the SAP Web Dispatcher admin portal detection, the module sends a GET request to the path "/sap/wdisp/admin/public/default.html". It then applies several matching conditions to determine if the SAP Web Dispatcher Admin Portal is present:

- Header Matcher: The module checks if the response header contains the words "Basic realm="WEB ADMIN"" or "SAP NetWeaver Application Server". If either of these words is found, it indicates the presence of the SAP Web Dispatcher Admin Portal.
- Status Matcher: The module checks if the response status code is either 401 (Unauthorized) or 200 (OK). If either of these status codes is returned, it suggests the presence of the SAP Web Dispatcher Admin Portal.
- Body Matcher: The module searches for the words "SAP Web Dispatcher" or "<title>Administratio..." in the response body. If either of these words is found, it indicates the presence of the SAP Web Dispatcher Admin Portal.

By combining these matching conditions, the module can accurately detect the SAP Web Dispatcher Admin Portal.

For example, the module sends a GET request to "/sap/wdisp/admin/public/default.html" and checks whether the response header contains the words "Basic realm="WEB ADMIN"" or "SAP NetWeaver Application Server". It also verifies that the response status code is either 401 or 200, and it searches the response body for the words "SAP Web Dispatcher" or "<title>Administratio...". The module preview joins these three matchers with "and", so the module reports the presence of the SAP Web Dispatcher Admin Portal when all three are satisfied.
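The matcher logic described above, as an added example that is not Vidoc's or the module author's code: it evaluates the three matchers offline against constructed responses, so an administrator can see which responses from their own Web Dispatcher would be reported. It assumes substring matching, header words checked against the serialized header block, and the "and" join shown in the module preview; the names `evaluate`, `SAMPLES` and `classify_samples` are hypothetical, and the second body word uses only the prefix visible on the page.

```python
PROBE_PATH = "/sap/wdisp/admin/public/default.html"  # path the module requests

HEADER_WORDS = ('Basic realm="WEB ADMIN"', "SAP NetWeaver Application Server")
STATUS_CODES = (401, 200)
# The second body word is truncated on the page; only its visible prefix is used.
BODY_WORDS = ("SAP Web Dispatcher", "<title>Administratio")


def evaluate(status, headers, body):
    """Return per-matcher results and the combined verdict for one response."""
    # Assumption: header words are matched against the serialized header block.
    header_blob = "\n".join(f"{name}: {value}" for name, value in headers.items())
    results = {
        "header": any(word in header_blob for word in HEADER_WORDS),
        "status": status in STATUS_CODES,
        "body": any(word in body for word in BODY_WORDS),
    }
    # The module preview joins the matchers with "and": all three must hold.
    results["match"] = all(results.values())
    return results


# Constructed responses (status, headers, body); not captured from a real system.
SAMPLES = {
    # Admin portal answering with its Basic-auth challenge.
    "admin_portal": (401, {"WWW-Authenticate": 'Basic realm="WEB ADMIN"'},
                     "<html><body>SAP Web Dispatcher</body></html>"),
    # Unrelated server that also protects the path with Basic auth.
    "other_basic_auth": (401, {"WWW-Authenticate": 'Basic realm="Restricted"'},
                         "Unauthorized"),
    # SAP server banner present, but the admin path is not served.
    "sap_404": (404, {"Server": "SAP NetWeaver Application Server"},
                "<html><body>Not found</body></html>"),
}


def classify_samples():
    """Evaluate every constructed sample and return the results by name."""
    return {name: evaluate(*response) for name, response in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in classify_samples().items():
        print(f"{name:18} {result}")
```

The `sap_404` sample shows why the matchers are combined: a SAP server banner alone satisfies the header matcher but is not reported unless the status and body matchers also hold.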

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /sap/wdisp/admin/pub...
Matching conditions
word: Basic realm="WEB ADMIN", SAP NetWeaver A... and
status: 401, 200 and
word: SAP Web Dispatcher, <title>Administratio...
Passive global matcher
No matching conditions.
On match action
Report vulnerability