Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "VMware Horizon Login Panel - Detect" module is designed to detect the presence of the VMware Horizon login panel. VMware Horizon is a virtual desktop infrastructure (VDI) solution that allows users to access their desktops and applications remotely. This module focuses on identifying the login panel specifically.
This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.
Author: dhiyaneshDK, pdteam
This module does not have a direct impact on the system. It is purely a detection module and does not perform any actions beyond identifying the presence of the VMware Horizon login panel.
The module works by sending an HTTP GET request to the "/portal/webclient/index.html" path. It then applies matching conditions to the response body to determine if the VMware Horizon login panel is present.
The matching conditions used in this module are:
- Condition 1: The response body must contain the phrase "Missing route token in request" or "VMware Horizon".If both conditions are met, the module considers the VMware Horizon login panel to be detected.
Example HTTP request:
GET /portal/webclient/index.html
For more information, refer to the VMware Horizon login panel exploit database entry.
Metadata: max-request: 2