File: USP-Secure-Login-Service.rb

package info (click to toggle)
whatweb 0.4.8~git20120606-1
  • links: PTS, VCS
  • area: main
  • in suites: wheezy
  • size: 7,956 kB
  • sloc: ruby: 53,738; sh: 577; makefile: 34
file content (63 lines) | stat: -rw-r--r-- 2,914 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
Plugin.define "USP-Secure-Login-Service" do
author "Brendan Coles <bcoles@gmail.com>" # 2011-08-25
version "0.1"
description "United Security Providers (USP; previously known as Tetrade) Secure Login Service (SLS) Framework. The SLS works alongside the USP Secure Entry Server (SES) which functions as a Reverse-Proxy and Web Application Firewall (WAF) and also fulfills the role of user authentication. - Homepage: http://www.united-security-providers.com/"

# The United Security Providers (USP; previously known as Tetrade) components Secure Entry Server (SES) and Secure Login Service (SLS) share their tasks in order to adhere to the principles of separation of powers. The task of the SES is to recognize non-authenticated users and to ensure that they are authenticated by the SLS (Access Control Enforcement Function). The task of the SLS is to perform the authentication (Authentication and Access Control Decision Function). The communication between SES and SLS is based on custom HTTP headers. The SES sends the desired user login type to the SLS which performs the authentication. Once the login is completed, the SLS signals the success or failure of the process back to the SES. According to this, the SES determines the access rights of the user.

# Google results as at 2011-08-25 #
# 21 for intitle:"Secure Login Service"
#  3 for inurl:"sls/auth?RequestedPage"

# Dorks #
dorks [
'inurl:"sls/auth?RequestedPage"'
]

# Examples #
examples %w|
https://customeraccess.partnersgroup.com/sls/auth
https://hitpartner.hotelplan.com/login/sls/auth
https://webmail.actelion.com/
https://entry.axa.de/bav-portal/sls/auth
https://ses.zehndergroup.com/login/sls/
https://www.credit-suisse.com/fundlab
www.reka.ch/login/sls/auth
www.rekanet.ch
webmail.kanti.sh.ch
www.ruedblass.ch
|

# Matches #
matches [

# HTML Comments
{ :text=>'<!-- Optional: If browser does not support Javascript, load URL xyz -->' },
{ :text=>'<!-- SLS JavaScripts -->' },

# Form HTML
{ :text=>'<form action="auth" method="post" name="LoginForm" onsubmit="return checkFormSubmit();" >' },

# input name="currentRequestedPage" type="hidden"
{ :certainty=>75, :regexp=>/<input name="currentRequestedPage" type="hidden" value="[^"]+" \/><\/form>/ },

# slsstatus Header
{ :search=>"headers[slsstatus]", :string=>/^([\d]+)$/ },

# SLSLanguage Cookie
{ :search=>"headers[set-cookie]", :regexp=>/SLSLanguage=([a-z]{2,3});/ },

# SCDID_S Cookie # This may indicate the presence of USP SES rather than USP SLS
# It may also belong to both. It's hard to confirm without access to the source.
{ :search=>"headers[set-cookie]", :module=>"zzzzzz", :regexp=>/SCDID_S=[^;^\s^\$]{54}\$\$;/ },

]

end