--- data/http-fingerprints.lua 2011-07-01 04:10:48.000000000 -0700 +++ /home/cldrn/projects/nmap/src/nselib/data/http-fingerprints.lua 2011-06-26 22:39:02.000000000 -0700 @@ -181,7 +181,6 @@ {match='', output='Aastra IP Phone'} } }) - table.insert(fingerprints, { category='general', probes={ @@ -205,66 +204,6 @@ table.insert(fingerprints, { category='general', probes={ - {path='/tools_admin.php', method='HEAD'} - }, - matches= { - {match='', output='D-Link DIR-300'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/bsc_lan.php', method='HEAD'} - }, - matches= { - {match='', output='D-Link DIR-300, DIR-320, DIR-615 revD'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/Manage.tri', method='HEAD'} - }, - matches= { - {match='', output='Linksys WRT54G2'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='//system.html', method='GET'} - }, - matches= { - {match='', output='CMNC-200 IP Camera'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/main_configure.cgi', method='GET'} - }, - matches= { - {match='', output='Intellinet IP Camera'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/OvCgi/Toolbar.exe', method='HEAD'} - }, - matches= { - {match='', output='HP OpenView Network Node Manager'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ {path='/frontend/x3/', method='GET'} }, matches= { @@ -338,56 +277,6 @@ table.insert(fingerprints, { category='general', probes={ - {path='/LightNEasy.php?do=login', method='GET'} - }, - matches= { - {match='', output='LightNEasy'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/channel_detail.php', method='GET'} - }, - matches= { - {match='', output='DzTube'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/cgi-bin/vcs', method='GET'} - }, - matches= { - {match='', output='Mitel Audio and Web Conferencing (AWC)'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/ocsreports/', method='GET'} - }, - matches= { - {match='', output='OCS Inventory'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/vbseo.php', method='GET'} - }, - matches= { - {match='', output='vBSEO'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ {path='/forum/', method='HEAD'}, {path='/forums/', method='HEAD'}, {path='/smf/', method='HEAD'}, @@ -409,7 +298,6 @@ {path='/CFIDE/componentutils/login.cfm', method='HEAD'}, {path='/admin.php', method='HEAD'}, {path='/admin/', method='HEAD'}, - {path='/admin/admin/'. method='HEAD'}, {path='/administrator/', method='HEAD'}, {path='/moderator/', method='HEAD'}, {path='/webadmin/', method='HEAD'}, @@ -446,11 +334,9 @@ {path='/admin_area/login.html', method='HEAD'}, {path='/admin_area/index.html', method='HEAD'}, {path='/admin/controlpanel.php', method='HEAD'}, - {path='/admincp/', method='HEAD'}, {path='/admincp/index.asp', method='HEAD'}, {path='/admincp/login.asp', method='HEAD'}, {path='/admincp/index.html', method='HEAD'}, - {path='/admincp/login.php', method='HEAD'}, {path='/admin/account.html', method='HEAD'}, {path='/adminpanel.html', method='HEAD'}, {path='/webadmin.html', method='HEAD'}, @@ -863,15 +749,7 @@ {path='/AdminLogin.jsp', method='HEAD'}, {path='/AdminLogin.aspx', method='HEAD'}, {path='/AdminLogin.cfm', method='HEAD'}, - {path='/admin108/', method='HEAD'}, - {path='/pec_admin/', method='HEAD'}, - {path='/system/admin/', method='HEAD'}, - {path='/plog-admin/', method='HEAD'}, - {path='/ESAdmin/', method='HEAD'}, - {path='/axis2-admin/', method='HEAD'}, - {path='/webadmin.php', method='HEAD'}, - {path='/_sys/', method='HEAD'}, - {path='/admin_cp.asp', method='HEAD'} + {path='/admin108/', method='HEAD'} }, matches={ {match='Index of', output='Possible admin folder w/ directory listing'}, @@ -891,9 +769,7 @@ {path='/backups/', method='GET'}, {path='/bak/', method='GET'}, {path='/back/', method='GET'}, - {path='/cache/backup/', method='GET'}, - {path='/admin/backup/', method='GET'}, - {path='/dbbackup.txt', method='GET'} + {path='/cache/backup/', method='GET'} }, matches={ {match='<title>Index of', output='Backup folder w/ directory listing'}, @@ -904,30 +780,6 @@ table.insert(fingerprints, { category='general', probes={ - {path='/b.sql', method='GET'}, - {path='/db.sql', method='GET'}, - {path='/ddb.sql', method='GET'}, - {path='/users.sql', method='GET'}, - {path='/database.sql', method='GET'}, - {path='/mysql.sql', method='GET'}, - {path='/dump.sql', method='GET'}, - {path='/respaldo.sql', method='GET'}, - {path='/data.sql', method='GET'}, - {path='/old.sql', method='GET'}, - {path='/usuarios.sql', method='GET'}, - {path='/bdb.sql', method='GET'}, - {path='/1.sql', method='GET'}, - {path='/admin/download/backup.sql', method='HEAD'} - - }, - matches={ - {match='', output='Possible database backup'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ {path='/atom/', method='HEAD'}, {path='/atom.aspx', method='HEAD'}, {path='/atom.php', method='HEAD'}, @@ -1125,36 +977,6 @@ table.insert(fingerprints, { category='general', probes={ - {path='/admin/upload.php', method='HEAD'} - }, - matches= { - {match='', output='Admin File Upload'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/upload_multiple_js.php', method='HEAD'} - }, - matches= { - {match='', output='NAS Uploader'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/uploadtester.asp', method='HEAD'} - }, - matches= { - {match='', output='Free ASP Upload Shell'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ {path='/info.php', method='HEAD'} }, matches= { @@ -1225,712 +1047,259 @@ table.insert(fingerprints, { category='general', probes={ - {path='/tools_admin.cgi?', method='HEAD'} + {path='/confirminvite.php', method='HEAD'} }, matches= { - {match='', output='D-Link WBR-1310'} + {match='', output='phpMyBitTorrent'} } }) table.insert(fingerprints, { category='general', probes={ - {path='/browserId/wizardForm.jhtml', method='HEAD'}, - {path='/webline/html/forms/callback.jhtml', method='HEAD'}, - {path='/webline/html/forms/callbackICM.jhtml', method='HEAD'}, - {path='/webline/html/agent/AgentFrame.jhtml', method='HEAD'}, - {path='/webline/html/agent/default/badlogin.jhtml', method='HEAD'}, - {path='/callme/callForm.jhtml', method='HEAD'}, - {path='/webline/html/multichatui/nowDefunctWindow.jhtml', method='HEAD'}, - {path='/browserId/wizard.jhtml', method='HEAD'}, - {path='/admin/CiscoAdmin.jhtml', method='HEAD'}, - {path='/msccallme/mscCallForm.jhtml', method='HEAD'}, - {path='/webline/html/admin/wcs/LoginPage.jhtml', method='HEAD'} + {path='/sourcebans/', method='HEAD'} }, matches= { - {match='', output='Cisco Collaboration Server'} + {match='', output='SourceBans - Steam server application'} } }) table.insert(fingerprints, { category='general', probes={ - {path='/restoreinfo.cgi', method='HEAD'} + {path='/swfupload/index.php', method='HEAD'} }, matches= { - {match='', output='Sagem router'} + {match='', output='SWFUpload'} } }) table.insert(fingerprints, { category='general', probes={ - {path='/confirminvite.php', method='HEAD'} + {path='/mymarket/shopping/index.php', method='HEAD'} }, matches= { - {match='', output='phpMyBitTorrent'} + {match='', output='MyMarket'} } }) + +------------------------------------------------ +---- SECURITY SOFTWARE ---- +------------------------------------------------ +-- These checks will find specific installed software. If possible, it will also +-- find versions, etc. + table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/sourcebans/', method='HEAD'} + {path='/arcsight/', method='HEAD'}, + {path='/arcsight/images/logo-login-arcsight.gif', method='HEAD'}, + {path='/arcsight/images/navbar-icon-logout-on.gif', method='HEAD'}, + {path='/images/logo-arcsight.gif', method='HEAD'}, + {path='/logger/monitor.ftl', method='HEAD'}, }, matches= { - {match='', output='SourceBans - Steam server application'} + {output='Arcsight'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/swfupload/index.php', method='HEAD'} + {path='/beef/', method='HEAD'}, + {path='/BEEF/', method='HEAD'}, + {path='/beef/images/beef.gif', method='HEAD'} }, matches= { - {match='', output='SWFUpload'} + {output='BeEF Browser Exploitation Framework'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/mymarket/shopping/index.php', method='HEAD'} + {path='/gfx/form_top_left_corner.gif', method='HEAD'}, + {path='/gfx/logout_24.png', method='HEAD'}, + {path='/gfx/new_logo.gif', method='HEAD'}, + {path='/javascript/sorttable.js', method='HEAD'} }, matches= { - {match='', output='MyMarket'} + {match='', output='Secunia NSI'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/myshop_start.php', method='HEAD'} + {path='/images/btn_help_nml.gif', method='HEAD'}, + {path='/images/hdr_icon_homeG.gif', method='HEAD'}, + {path='/spControl.php', method='HEAD'}, + {path='/images/isslogo.gif', method='HEAD'}, + {path='/deploymentmanager/', method='HEAD'}, }, matches= { - {match='', output='FozzCom shopping'} + {match='', output='IBM Proventia'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/piranha/secure/passwd.php3', method='HEAD'} + {path='/i18n/EN/css/foundstone.css', method='HEAD'}, + {path='/i18n/EN/images/external_nav_square.gif', method='HEAD'}, }, matches= { - {match='', output='RedHat Piranha Virtual Server'} + {match='', output='Foundstone'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/cgi-bin/ck/mimencode', method='HEAD'} + {path='/officescan/console/html/cgi/cgiChkMasterPwd.exe', method='HEAD'}, + {path='/officescan/console/html/ClientInstall/officescannt.htm', method='HEAD'}, + {path='/officescan/console/html/images/icon_refresh.gif', method='HEAD'}, }, matches= { - {match='', output='ContentKeeper Web Appliance'} + {match='', output='Trend Micro OfficeScan Server'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/cgi-bin/masterCGI?', method='HEAD'} + {path='/picts/BC_bwlogorev.gif', method='HEAD'}, + {path='/picts/menu_leaf.gif', method='HEAD'}, }, matches= { - {match='', output='Alcatel-Lucent OmniPCX Enterprise'} + {match='', output='BlueCoat Reporter'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/tiny_mce/plugins/filemanager/', method='HEAD'} + {path='/theme/images/en/login1.gif', method='HEAD'}, }, matches= { - {match='', output='Tiny MCE File Upload'} + {match='', output='Fortinet VPN/Firewall'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/upload/scp/ajax.php', method='HEAD'} + {path='/', method='GET'}, }, matches= { - {match='', output='osTicket / AJAX File Upload'} + {match='id="NessusClient"', output='Nessus'}, + {match='NessusClient.swf', output='Nessus'} } }) table.insert(fingerprints, { - category='general', + category='security', probes={ - {path='/cgi-mod/view_help.cgi', method='HEAD'} + {path='/NessusClient.swf', method='HEAD'}, }, matches= { - {match='', output='Barracuda Networks Spam & Virus Firewall'} + {match='', output='Nessus'} } }) +------------------------------------------------ +---- MANAGEMENT SOFTWARE ---- +------------------------------------------------ table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/cgi-mod/index.cgi', method='HEAD'} + {path='/vmware/', method='HEAD'}, + {path='/vmware/imx/vmware_boxes-16x16.png', method='HEAD'}, + {path='/ui/', method='HEAD'}, + {path='/ui/imx/vmwareLogo-16x16.png', method='HEAD'}, + {path='/ui/imx/vmwarePaperBagLogo-16x16.png', method='HEAD'}, + {path='/ui/vManage.do', method='HEAD'}, + {path='/client/VMware-viclient.exe', method='HEAD'}, + {path='/en/welcomeRes.js', method='HEAD'} }, matches= { - {match='', output='Barracuda Web Application Firewall'} + {output='VMWare'} } }) table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/cgi-mod/smtp_test.cgi', method='HEAD'} + {path='/citrix/', method='HEAD'}, + {path='/Citrix/', method='HEAD'}, + {path='/Citrix/MetaFrame/auth/login.aspx', method='HEAD'}, + {path='/images/ctxHeader01.jpg', method='HEAD'}, + {path='/images/Safeword_Token.jpg', method='HEAD'}, + {path='/sw/auth/login.aspx', method='HEAD'}, + {path='/vpn/images/AccessGateway.ico', method='HEAD'}, + {path='/citrix/AccessPlatform/auth/clientscripts/', method='HEAD'}, + {path='/AccessPlatform/auth/clientscripts/', method='HEAD'}, + {path='/Citrix//AccessPlatform/auth/clientscripts/cookies.js', method='HEAD'}, + {path='/Citrix/AccessPlatform/auth/clientscripts/login.js', method='HEAD'}, + {path='/Citrix/PNAgent/config.xml', method='HEAD'}, }, matches= { - {match='', output='Barracuda IM Firewall'} + {output='Citrix'} } }) table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/TopToolArea.html', method='HEAD'}, - {path='/switchSystem.html', method='HEAD'} + {path='/cgi-bin/image/shikaku2.png', method='HEAD'}, }, matches= { - {match='', output='Alteon OS BBI (Nortell)'} + {match='', output='TeraStation PRO RAID 0/1/5 Network Attached Storage'} } }) table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/intruvert/jsp/module/Login.jsp', method='HEAD'} + {path='/config/public/usergrp.gif', method='HEAD'}, + {path='/pictures/buttons/file_view_mark.gif', method='HEAD'}, }, matches= { - {match='', output='McAfee Network Security Manager'} + {match='', output='AXIS StorPoint'} } }) table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/ajaxfilemanager/', method='HEAD'} + {path='/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=', method='HEAD'}, + {path='/hplogo.gif', method='HEAD'}, }, matches= { - {match='', output='AJAX File Manager'} + {match='', output='HP System Management Homepage'} } }) table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/upload/data/settings.cdb', method='HEAD'} + {path='/ie_index.htm', method='HEAD'}, + {path='/ilo.gif', method='HEAD'}, }, matches= { - {match='', output='CF Image Hosting DB'} + {match='', output='HP Integrated Lights Out'} } }) table.insert(fingerprints, { - category='general', + category='management', probes={ - {path='/fm.php', method='HEAD'} + {path='/images/icon_server_connected.gif', method='HEAD'}, }, matches= { - {match='', output='Simple File Manager'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/nagios3/cgi-bin/statuswml.cgi', method='GET'}, - {path='/nagios3/', method='GET'} - }, - matches= { - {match='', output='Nagios3'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/test/logon.html', method='HEAD'} - }, - matches= { - {match='', output='Jetty'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/cal_cat.php', method='HEAD'}, - {path='/calendar/cal_cat.php', method='HEAD'}, - {path='/cal/cal_cat.php', method='HEAD'} - }, - matches= { - {match='', output='Calendarix'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/private/sdc.tgz', method='GET'} - }, - matches= { - {match='', output='IBM Bladecenter Management Logs'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/cacti/', method='GET'} - }, - matches= { - {match='', output='Cacti Web Monitoring'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/cgi-bin/awstats.pl', method='GET'} - }, - matches= { - {match='', output='AWStats'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/wiki/rankings.php', method='GET'} - }, - matches= { - {match='', output='Bit Weaver'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/reqdetails.php', method='GET'} - }, - matches= { - {match='', output='BtiTracker'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/shared/help.php', method='GET'} - }, - matches= { - {match='', output='OpenBiblio/WebBiblio Subject Gateway System'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/seti.php', method='GET'} - }, - matches= { - {match='', output='PHP SETI@home'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/imc/', method='GET'}, - {path='/imcws/', method='GET'} - }, - matches= { - {match='', output='3Com Intelligent Management Center'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/partymgr/', method='GET'} - }, - matches= { - {match='', output='Apache OFBiz'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/Base/upload.php', method='GET'} - }, - matches= { - {match='', output='MassMirror Uploader'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/YUI-upload/html', method='GET'} - }, - matches= { - {match='', output='YUI Images / File Upload'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/tools/filemanager/skins/mobile/admin1.template.php', method='GET'} - }, - matches= { - {match='', output='MassMirror Uploader'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/Uploadify/', method='GET'} - }, - matches= { - {match='', output='Uploadify'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/syssite/', method='HEAD'} - }, - matches= { - {match='', output='ShopEx'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/updown.php', method='HEAD'} - }, - matches= { - {match='', output='PHP Uploader Downloader'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/modules/docmanager/doctypetemplates/myuploadedfile', method='HEAD'} - }, - matches= { - {match='', output='Achievo'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/ReqWebHelp/advanced/workingSet.jsp', method='HEAD'} - }, - matches= { - {match='', output='IBM Rational RequisitePro/ReqWebHelp'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/dhost/', method='HEAD'} - }, - matches= { - {match='', output='Novell eDirectory'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/engine/api/api.class.php', method='HEAD'} - }, - matches= { - {match='', output='DatalifeEngine'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/jsft_resource.jsf', method='HEAD'}, - {path='/scales_static_resource.jsf', method='HEAD'} - }, - matches= { - {match='', output='JSFTemplating/Mojarra Scales/GlassFish Application Server'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/setup/password_required.html', method='HEAD'} - }, - matches= { - {match='', output='2WIRE GATEWAY'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/zp-core/', method='HEAD'} - }, - matches= { - {match='', output='Zen Photo'} - } -}) - -table.insert(fingerprints, { - category='general', - probes={ - {path='/amember/', method='HEAD'} - }, - matches= { - {match='', output='aMember'} - } -}) ------------------------------------------------- ----- SECURITY SOFTWARE ---- ------------------------------------------------- --- These checks will find specific installed software. If possible, it will also --- find versions, etc. - -table.insert(fingerprints, { - category='security', - probes={ - {path='/arcsight/', method='HEAD'}, - {path='/arcsight/images/logo-login-arcsight.gif', method='HEAD'}, - {path='/arcsight/images/navbar-icon-logout-on.gif', method='HEAD'}, - {path='/images/logo-arcsight.gif', method='HEAD'}, - {path='/logger/monitor.ftl', method='HEAD'}, - }, - matches={ - {output='Arcsight'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/beef/', method='HEAD'}, - {path='/BEEF/', method='HEAD'}, - {path='/beef/images/beef.gif', method='HEAD'} - }, - matches={ - {output='BeEF Browser Exploitation Framework'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/gfx/form_top_left_corner.gif', method='HEAD'}, - {path='/gfx/logout_24.png', method='HEAD'}, - {path='/gfx/new_logo.gif', method='HEAD'}, - {path='/javascript/sorttable.js', method='HEAD'} - }, - matches= { - {match='', output='Secunia NSI'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/images/btn_help_nml.gif', method='HEAD'}, - {path='/images/hdr_icon_homeG.gif', method='HEAD'}, - {path='/spControl.php', method='HEAD'}, - {path='/images/isslogo.gif', method='HEAD'}, - {path='/deploymentmanager/', method='HEAD'}, - }, - matches= { - {match='', output='IBM Proventia'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/i18n/EN/css/foundstone.css', method='HEAD'}, - {path='/i18n/EN/images/external_nav_square.gif', method='HEAD'}, - }, - matches= { - {match='', output='Foundstone'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/officescan/console/html/cgi/cgiChkMasterPwd.exe', method='HEAD'}, - {path='/officescan/console/html/ClientInstall/officescannt.htm', method='HEAD'}, - {path='/officescan/console/html/images/icon_refresh.gif', method='HEAD'}, - }, - matches= { - {match='', output='Trend Micro OfficeScan Server'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/picts/BC_bwlogorev.gif', method='HEAD'}, - {path='/picts/menu_leaf.gif', method='HEAD'}, - }, - matches= { - {match='', output='BlueCoat Reporter'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/theme/images/en/login1.gif', method='HEAD'}, - }, - matches={ - {match='', output='Fortinet VPN/Firewall'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/', method='GET'}, - }, - matches={ - {match='id="NessusClient"', output='Nessus'}, - {match='NessusClient.swf', output='Nessus'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/NessusClient.swf', method='HEAD'}, - }, - matches={ - {match='', output='Nessus'} - } -}) - -table.insert(fingerprints, { - category='security', - probes={ - {path='/dotDefender/', method='HEAD'}, - }, - matches={ - {match='', output='dotDefender Web Application Firewall'} - } -}) ------------------------------------------------- ----- MANAGEMENT SOFTWARE ---- ------------------------------------------------- -table.insert(fingerprints, { - category='management', - probes={ - {path='/vmware/', method='HEAD'}, - {path='/vmware/imx/vmware_boxes-16x16.png', method='HEAD'}, - {path='/ui/', method='HEAD'}, - {path='/ui/imx/vmwareLogo-16x16.png', method='HEAD'}, - {path='/ui/imx/vmwarePaperBagLogo-16x16.png', method='HEAD'}, - {path='/ui/vManage.do', method='HEAD'}, - {path='/client/VMware-viclient.exe', method='HEAD'}, - {path='/en/welcomeRes.js', method='HEAD'} - }, - matches={ - {output='VMWare'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/citrix/', method='HEAD'}, - {path='/Citrix/', method='HEAD'}, - {path='/Citrix/MetaFrame/auth/login.aspx', method='HEAD'}, - {path='/images/ctxHeader01.jpg', method='HEAD'}, - {path='/images/Safeword_Token.jpg', method='HEAD'}, - {path='/sw/auth/login.aspx', method='HEAD'}, - {path='/vpn/images/AccessGateway.ico', method='HEAD'}, - {path='/citrix/AccessPlatform/auth/clientscripts/', method='HEAD'}, - {path='/AccessPlatform/auth/clientscripts/', method='HEAD'}, - {path='/Citrix//AccessPlatform/auth/clientscripts/cookies.js', method='HEAD'}, - {path='/Citrix/AccessPlatform/auth/clientscripts/login.js', method='HEAD'}, - {path='/Citrix/PNAgent/config.xml', method='HEAD'}, - }, - matches={ - {output='Citrix'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/cgi-bin/image/shikaku2.png', method='HEAD'}, - }, - matches= { - {match='', output='TeraStation PRO RAID 0/1/5 Network Attached Storage'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/config/public/usergrp.gif', method='HEAD'}, - {path='/pictures/buttons/file_view_mark.gif', method='HEAD'}, - }, - matches= { - {match='', output='AXIS StorPoint'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=', method='HEAD'}, - {path='/hplogo.gif', method='HEAD'}, - }, - matches= { - {match='', output='HP System Management Homepage'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/ie_index.htm', method='HEAD'}, - {path='/ilo.gif', method='HEAD'}, - }, - matches= { - {match='', output='HP Integrated Lights Out'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/images/icon_server_connected.gif', method='HEAD'}, - }, - matches= { - {match='', output='HP Blade Enclosure'} + {match='', output='HP Blade Enclosure'} } }) @@ -2035,7 +1404,7 @@ table.insert(fingerprints, { category='management', probes={ - {path='/Dashboard/Dashboard.html', method='GET'} + {path='/Dashboard/Dashboard.html', method='GET'}, }, matches= { {match='Server: Kodak-RulesBasedAutomation', output='Prinergy Dashboard Client Login'}, @@ -2043,45 +1412,7 @@ } }) -table.insert(fingerprints, { - category='management', - probes={ - {path='/flexfm/', method='HEAD'} - }, - matches= { - {match='', output='Flex File Manager'} - } -}) -table.insert(fingerprints, { - category='management', - probes={ - {path='/lib/usermanagement/userInfo.php', method='HEAD'} - }, - matches= { - {match='', output='Testlink TestManagement'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/security/xamppsecurity.php', method='HEAD'} - }, - matches= { - {match='', output='XAMPP'} - } -}) - -table.insert(fingerprints, { - category='management', - probes={ - {path='/dm-albums/dm-albums.php', method='HEAD'} - }, - matches= { - {match='', output='DM FileManager'} - } -}) ------------------------------------------------ ---- PRINTERS, WEBCAMS, PROJECTORS ---- ------------------------------------------------ @@ -2157,89 +1488,12 @@ ------------------------------------------------ ---- DATABASES ---- ------------------------------------------------ - ---phpmyadmin db taken from http://milw0rm.com/exploits/8921 table.insert(fingerprints, { category='database', probes={ {path='/phpmyadmin/', method='HEAD'}, {path='/phpMyAdmin/', method='HEAD'}, - {path='/PHPMyAdmin/', method='HEAD'}, - {path='/PMA/', method='HEAD'}, - {path='/pma/', method='HEAD'}, - {path='/dbadmin/', method='HEAD'}, - {path='/myadmin/', method='HEAD'}, - {path='/php-my-admin/', method='HEAD'}, - {path='/phpMyAdmin2/', method='HEAD'}, - {path='/phpMyAdmin-2/', method='HEAD'}, - {path='/phpMyAdmin-2.2.3/', method='HEAD'}, - {path='/phpMyAdmin-2.2.6/', method='HEAD'}, - {path='/phpMyAdmin-2.5.1/', method='HEAD'}, - {path='/phpMyAdmin-2.5.4/', method='HEAD'}, - {path='/phpMyAdmin-2.5.5-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.5.5-rc2/', method='HEAD'}, - {path='/phpMyAdmin-2.5.5/', method='HEAD'}, - {path='/phpMyAdmin-2.5.5-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.5.6-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.5.6-rc2/', method='HEAD'}, - {path='/phpMyAdmin-2.5.6/', method='HEAD'}, - {path='/phpMyAdmin-2.5.7/', method='HEAD'}, - {path='/phpMyAdmin-2.5.7-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-alpha/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-alpha2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-beta1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-beta2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-rc2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-rc3/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-pl2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.0-pl3/', method='HEAD'}, - {path='/phpMyAdmin-2.6.1-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.1-rc2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.1-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.1-pl2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.1-pl3/', method='HEAD'}, - {path='/phpMyAdmin-2.6.2-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.2-beta1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.2-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.2-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.3/', method='HEAD'}, - {path='/phpMyAdmin-2.6.3-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.3/', method='HEAD'}, - {path='/phpMyAdmin-2.6.3-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.4-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.4-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.6.4-pl2/', method='HEAD'}, - {path='/phpMyAdmin-2.6.4-pl3/', method='HEAD'}, - {path='/phpMyAdmin-2.6.4-pl4/', method='HEAD'}, - {path='/phpMyAdmin-2.6.4/', method='HEAD'}, - {path='/phpMyAdmin-2.7.0-beta1/', method='HEAD'}, - {path='/phpMyAdmin-2.7.0-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.7.0-pl1/', method='HEAD'}, - {path='/phpMyAdmin-2.7.0-pl2/', method='HEAD'}, - {path='/phpMyAdmin-2.7.0/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0-beta1/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0-rc2/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0.1/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0.2/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0.3/', method='HEAD'}, - {path='/phpMyAdmin-2.8.0.4/', method='HEAD'}, - {path='/phpMyAdmin-2.8.1-rc1/', method='HEAD'}, - {path='/phpMyAdmin-2.8.1/', method='HEAD'}, - {path='/phpMyAdmin-2.8.2/', method='HEAD'}, - {path='/sqlmanager/', method='HEAD'}, - {path='/php-myadmin/', method='HEAD'}, - {path='/phpmy-admin/', method='HEAD'}, - {path='/mysqladmin/', method='HEAD'}, - {path='/mysql-admin/', method='HEAD'}, - {path='/websql/', method='HEAD'}, - {path='/_phpmyadmin/', method='HEAD'} + {path='/PHPMyAdmin/', method='HEAD'} }, matches={ {output='phpMyAdmin'} @@ -2430,7 +1684,6 @@ {path='/lists/mycomments.aspx', method='HEAD'}, {path='/_layouts/userdisp.aspx', method='HEAD'}, {path='/_layouts/help.aspx', method='HEAD'}, - {path='/_layouts/download.aspx', method='HEAD'} }, matches= { {match='', output='MS Sharepoint'} @@ -2672,17 +1925,7 @@ {path='/Info.live.htm', method='GET'} }, matches={ - {match='200', output='Possible DD-WRT router Information Disclosure (OSVDB 70230)'} - } -}) - -table.insert(fingerprints, { - category='attacks', - probes={ - {path='/CuteSoft_Client/CuteEditor/Load.ashx?type=image&file=../../../web.config', method='GET'} - }, - matches={ - {match='200', output='Cute Editor ASP.NET Remote File Disclosure ( CVE 2009-4665 )'} + {match='200', output='Possible DD-WRT router Information Disclosure (OSVDB 70230)'} } }) ------------------------------------------------ @@ -2992,341 +2235,6 @@ } }) -table.insert(fingerprints, { - category='cms', - probes={ - {path='/system/admin/header.php', method='GET'}, - {path='/system/admin/comments_items.php', method='GET'} - }, - matches= { - {match='', output='Habari Blog'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/scripts/fckeditor/editor/filemanager/connectors/test.html', method='GET'}, - {path='/scripts/fckeditor/editor/filemanager/connectors/uploadtest.html', method='GET'} - }, - matches= { - {match='', output='Digitalus CMS/FCKEditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/fckeditor/editor/filemanager/connectors/test.html', method='GET'} - }, - matches= { - {match='', output='phpmotion/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/fckeditor/editor/filemanager/upload/test.html', method='GET'} - }, - matches= { - {match='', output='Geeklog/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html', method='GET'} - }, - matches= { - {match='', output='OpenCart/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html', method='GET'} - }, - matches= { - {match='', output='DM File Manager/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html', method='GET'} - }, - matches= { - {match='', output='DM File Manager/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php', method='HEAD'}, - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp', method='HEAD'}, - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx', method='HEAD'}, - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm', method='HEAD'}, - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/lasso/connector.lasso', method='HEAD'}, - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi', method='HEAD'}, - {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/py/connector.py', method='HEAD'} - }, - matches= { - {match='', output='PHPnuke/Remote File Download'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/FCKEditor/editor/filemanager/browser/default/connectors/test.html', method='GET'} - }, - matches= { - {match='', output='EgO or osCMax/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/admin/includes/tiny_mce/plugins/tinybrowser/upload.php', method='GET'} - }, - matches= { - {match='', output='CompactCMS or B-Hind CMS/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/Backstage/Components/FreeTextBox/ftb.imagegallery.aspx', method='HEAD'} - }, - matches= { - {match='', output='Luftguitar CMS/File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/_plugin/fckeditor/editor/filemanager/connectors/test.html', method='HEAD'} - }, - matches= { - {match='', output='SweetRice/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/html/news_fckeditor/editor/filemanager/upload/php/upload.php', method='HEAD'} - }, - matches= { - {match='', output='cardinalCms/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/fckeditor/editor/filemanager/connectors/test.html', method='HEAD'} - }, - matches= { - {match='', output='LightNEasy/FCKeditor File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/admin/includes/FCKeditor/editor/filemanager/upload/test.html', method='HEAD'} - }, - matches= { - {match='', output='ASP Simple Blog / FCKeditor File Upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/uploadsnaps.php', method='HEAD'} - }, - matches= { - {match='', output='ZeeMatri/File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/upload/includes/js/files/upload.php', method='HEAD'} - }, - matches= { - {match='', output='Digital College/File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/tinybrowser/upload.php', method='HEAD'} - }, - matches= { - {match='', output='Tinybrowser Remote File Upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/editor/editor/filemanager/upload/test.html', method='HEAD'} - }, - matches= { - {match='', output='Tadbir / File Upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/photogallery_open.php', method='HEAD'} - }, - matches= { - {match='', output='Heaven Soft CMS'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx', method='HEAD'} - }, - matches= { - {match='', output='DotNetNuke / File Upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/assetmanager/assetmanager.asp', method='HEAD'} - }, - matches= { - {match='', output='Asset Manager/Remote File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/Final/login/ava_upl.php', method='HEAD'}, - {path='/Final/login/ava_upl2.php', method='HEAD'} - }, - matches= { - {match='', output='Asset Manager/Remote File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/spaw/demo.php', method='HEAD'} - }, - matches= { - {match='', output='SpawCMS/Remote File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/admin/jscript/upload.php', method='HEAD'}, - {path='/admin/jscript/upload.html', method='HEAD'}, - {path='/admin/jscript/upload.pl', method='HEAD'}, - {path='/admin/jscript/upload.asp', method='HEAD'} - }, - matches= { - {match='', output='Lizard Cart/Remote File upload'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/databases/acidcat_3.mdb', method='HEAD'} - }, - matches= { - {match='', output='Acidcat CMS Database'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/mdb-database/dblog.mdb', method='HEAD'} - }, - matches= { - {match='', output='dBlog Database'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/db/users.mdb', method='HEAD'}, - {path='/db/'} - }, - matches= { - {match='', output='BlogWorx Database'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/infusions/avatar_studio/avatar_studio.php', method='HEAD'} - }, - matches= { - {match='', output='PHP-Fusion Mod avatar_studio'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/bnnr.php', method='HEAD'}, - {path='/vb/bnnr.php', method='HEAD'} - }, - matches= { - {match='', output='PHP-Fusion Mod avatar_studio'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/bnnr.php', method='HEAD'}, - {path='/vb/bnnr.php', method='HEAD'}, - {path='/forum/bnnr.php', method='HEAD'} - }, - matches= { - {match='', output='vBulletin ads_saed'} - } -}) - -table.insert(fingerprints, { - category='cms', - probes={ - {path='/weblink_cat_list.php', method='HEAD'} - }, - matches= { - {match='', output='WHMCompleteSolution CMS'} - } -}) ------------------------------------------------ ---- UNCATEGORIZED ----