Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "VMware Workspace ONE UEM Airwatch Login Panel - Detect" module is designed to detect the presence of the VMware Workspace ONE UEM Airwatch login panel. This module focuses on identifying misconfigurations, vulnerabilities, or software fingerprints related to the login panel.
VMware Workspace ONE UEM Airwatch is a comprehensive enterprise mobility management (EMM) solution that enables organizations to manage and secure their mobile devices, applications, and content. The login panel is a crucial component of the Airwatch platform, allowing users to authenticate and access their workspace.
This module has an informative severity level, meaning it provides valuable information without indicating an immediate threat or vulnerability. It helps organizations identify potential issues or weaknesses in their Airwatch login panel configuration.
Author: gevakun, hanlaomo
This module does not directly impact the system or application being scanned. Instead, it provides information about the presence and configuration of the VMware Workspace ONE UEM Airwatch login panel. The impact depends on the specific findings and recommendations provided by the module.
The module works by sending HTTP requests to the targeted system or application and analyzing the responses based on predefined matching conditions. It aims to identify specific patterns or content within the response body that indicate the presence of the Airwatch login panel.
For example, the module may send a GET request to the "/AirWatch/Login" path and examine the response body for specific words or phrases such as "About VMware AirWatch," "content=\"AirWatch," or "/AirWatch/Images." If any of these conditions are met, the module considers the login panel to be detected.
The matching conditions are defined using the "matchers" field in the module's JSON definition. Multiple matchers can be combined using logical operators such as "or" or "and" to create more complex conditions.
It's important to note that this module only detects the presence of the Airwatch login panel and does not perform any active exploitation or manipulation of the system or application.
Reference: https://twitter.com/Jhaddix/status/1295861505963909120
Metadata: max-request: 1, verified: