Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

SAP Web Dispatcher detection

By kannthu

Informative
Vidoc logoVidoc Module
#sap#webserver#proxy#tech
Description

What is the "SAP Web Dispatcher detection?"

The "SAP Web Dispatcher detection" module is designed to detect the presence of the SAP Web Dispatcher service. SAP Web Dispatcher is a web server proxy that acts as an entry point for HTTP and HTTPS requests to SAP systems. This module focuses on identifying misconfigurations or vulnerabilities related to the SAP Web Dispatcher service.

This module has an informative severity level, meaning it provides valuable information without indicating a critical security issue. It is authored by randomstr1ng.

Impact

The impact of the SAP Web Dispatcher detection module is primarily informational. It helps users identify potential misconfigurations or vulnerabilities in their SAP Web Dispatcher setup. By detecting the presence of the SAP Web Dispatcher service, users can ensure its proper configuration and security.

How does the module work?

The SAP Web Dispatcher detection module works by sending an HTTP request to a specific path ("/inormalydonotexist") and analyzing the response. If the response body contains the phrase "This error page was generated by SAP Web Dispatcher," the module considers it a match.

The module uses a single HTTP request template with the following details:

Method: GET
Path: /inormalydonotexist
Headers: None

The matching condition for this module is based on the response body. It checks if the phrase "This error page was generated by SAP Web Dispatcher" is present. If the condition is met, the module reports a successful detection of the SAP Web Dispatcher service.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/inormalydonotexist
Matching conditions
word: This error page was generated by SAP Web...
Passive global matcher
No matching conditions.
On match action
Report vulnerability