From 11f9cde3a35aeb531338e0cc3f81ba0b676e28d2 Mon Sep 17 00:00:00 2001
From: PR3R00T <50199640+PR3R00T@users.noreply.github.com>
Date: Wed, 6 Jan 2021 14:00:51 +0000
Subject: [PATCH] Locate Fortigate Fortiweb panels,

In preparation for the new set of unauthenticated vulnerabilities (https://twitter.com/ptswarm/status/1346806951326396416)
---
 panels/fortiweb-panel.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 panels/fortiweb-panel.yaml

diff --git a/panels/fortiweb-panel.yaml b/panels/fortiweb-panel.yaml
new file mode 100644
index 0000000000..060b97d997
--- /dev/null
+++ b/panels/fortiweb-panel.yaml
@@ -0,0 +1,24 @@
+id: fortiweb-login
+
+info:
+  name: Fortinet FortiWeb Login Panel
+  author: PR3R00T
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Please login"
+          - "ftnt-fortinet-grid"
+          - "main-fortiweb.css"
+        condition: and
+        part: body
+
+      - type: status
+        status:
+          - 200