Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

VMware Horizon Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#horizon#vmware#edb#panel
Description

What is the "VMware Horizon Login Panel - Detect?"

The "VMware Horizon Login Panel - Detect" module is designed to detect the presence of the VMware Horizon login panel. VMware Horizon is a virtual desktop infrastructure (VDI) solution that allows users to access their desktops and applications remotely. This module focuses on identifying the login panel specifically.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: dhiyaneshDK, pdteam

Impact

This module does not have a direct impact on the system. It is purely a detection module and does not perform any actions beyond identifying the presence of the VMware Horizon login panel.

How does the module work?

The module works by sending an HTTP GET request to the "/portal/webclient/index.html" path. It then applies matching conditions to the response body to determine if the VMware Horizon login panel is present.

The matching conditions used in this module are:

- Condition 1: The response body must contain the phrase "Missing route token in request" or "VMware Horizon".

If both conditions are met, the module considers the VMware Horizon login panel to be detected.

Example HTTP request:

GET /portal/webclient/index.html

For more information, refer to the VMware Horizon login panel exploit database entry.

Metadata: max-request: 2

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/portal/webclient/in...
Matching conditions
regex: (?m)^Missing route token in request$, VM...
Passive global matcher
No matching conditions.
On match action
Report vulnerability