2022-01-06 11:51:21 +00:00
|
|
|
id: vmware-horizon-panel
|
2021-02-27 12:37:25 +00:00
|
|
|
|
|
|
|
|
info:
|
2023-01-24 21:36:02 +00:00
|
|
|
name: VMware Horizon Login Panel - Detect
|
2022-06-17 20:14:37 +00:00
|
|
|
author: dhiyaneshDK,pdteam
|
2021-02-27 12:37:25 +00:00
|
|
|
severity: info
|
2023-01-24 21:36:02 +00:00
|
|
|
description: VMware Horizon login panel was detected.
|
2022-04-22 10:38:41 +00:00
|
|
|
reference:
|
|
|
|
|
- https://www.exploit-db.com/ghdb/6496
|
2023-01-24 21:36:02 +00:00
|
|
|
classification:
|
|
|
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
2023-10-14 11:27:55 +00:00
|
|
|
cvss-score: 0
|
2023-01-24 21:36:02 +00:00
|
|
|
cwe-id: CWE-200
|
2023-04-28 08:11:21 +00:00
|
|
|
metadata:
|
|
|
|
|
max-request: 2
|
2023-10-14 11:27:55 +00:00
|
|
|
tags: horizon,vmware,edb,panel
|
2021-02-27 12:37:25 +00:00
|
|
|
|
2023-04-27 04:28:59 +00:00
|
|
|
http:
|
2021-02-27 12:37:25 +00:00
|
|
|
- method: GET
|
|
|
|
|
path:
|
2022-06-17 20:14:37 +00:00
|
|
|
- "{{BaseURL}}"
|
2021-02-27 12:37:25 +00:00
|
|
|
- '{{BaseURL}}/portal/webclient/index.html'
|
|
|
|
|
|
2022-06-17 20:14:37 +00:00
|
|
|
stop-at-first-match: true
|
2022-10-07 21:27:25 +00:00
|
|
|
host-redirects: true
|
2022-06-17 20:14:37 +00:00
|
|
|
max-redirects: 2
|
2021-02-27 12:37:25 +00:00
|
|
|
matchers:
|
2021-11-19 14:17:09 +00:00
|
|
|
- type: regex
|
|
|
|
|
part: body
|
|
|
|
|
regex:
|
|
|
|
|
- '(?m)^Missing route token in request$'
|
2022-06-17 20:14:37 +00:00
|
|
|
- 'VMware Horizon'
|
2023-01-24 21:36:02 +00:00
|
|
|
condition: or
|
2023-10-19 13:13:52 +00:00
|
|
|
# digest: 4b0a00483046022100ea478edff92a96a31c49a45aef1653befb3fb6f41cba831150bfda7842f124600221008c6ec93d0f731eb0a0ae0a459d0dad07e08af57abb60be66749fb3eecc694158:922c64590222798bb761d5b6d8e72950
|
