Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Sophos Firewall Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#sophos
Description

What is the "Sophos Firewall Login Panel - Detect?"

The "Sophos Firewall Login Panel - Detect" module is designed to detect the presence of the Sophos Firewall login panel. It targets the Sophos Firewall software and helps identify potential misconfigurations or vulnerabilities. The severity of this module is classified as informative, meaning it provides valuable information but does not pose an immediate threat.

This module was authored by organiccrap and daffainfo.

Impact

The detection of the Sophos Firewall login panel does not directly indicate any impact or risk. However, it can be an important step in assessing the security posture of a network protected by Sophos Firewall. By identifying the login panel, administrators can ensure proper configuration and take necessary actions to mitigate any potential vulnerabilities.

How does the module work?

The "Sophos Firewall Login Panel - Detect" module operates by sending HTTP requests to specific paths associated with the Sophos Firewall login panel. It uses matching conditions to determine if the login panel is present.

One example of an HTTP request sent by this module is:

GET /webconsole/webpages/login.jsp

The module uses two matching conditions:

- The first condition checks if the response body contains the words "<title>Sophos</title>" or "uiLangToHTMLLangAttributeValueMapping". - The second condition verifies that the HTTP response status is 200 (OK).

Both conditions must be met for the module to detect the Sophos Firewall login panel.

It is important to note that this module is part of the Vidoc platform, which utilizes multiple modules to perform scanning and testing. Each module represents a specific test case.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/webconsole/webpages.../userportal/webpages...
Matching conditions
word: <title>Sophos</title>, uiLangToHTMLLangA...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability