Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "SAP Web Dispatcher detection" module is designed to detect the presence of the SAP Web Dispatcher service. SAP Web Dispatcher is a web server proxy that acts as an entry point for HTTP and HTTPS requests to SAP systems. This module focuses on identifying misconfigurations or vulnerabilities related to the SAP Web Dispatcher service.
This module has an informative severity level, meaning it provides valuable information without indicating a critical security issue. It is authored by randomstr1ng.
The impact of the SAP Web Dispatcher detection module is primarily informational. It helps users identify potential misconfigurations or vulnerabilities in their SAP Web Dispatcher setup. By detecting the presence of the SAP Web Dispatcher service, users can ensure its proper configuration and security.
The SAP Web Dispatcher detection module works by sending an HTTP request to a specific path ("/inormalydonotexist") and analyzing the response. If the response body contains the phrase "This error page was generated by SAP Web Dispatcher," the module considers it a match.
The module uses a single HTTP request template with the following details:
Method: GET
Path: /inormalydonotexist
Headers: None
The matching condition for this module is based on the response body. It checks if the phrase "This error page was generated by SAP Web Dispatcher" is present. If the condition is met, the module reports a successful detection of the SAP Web Dispatcher service.