--- data/http-fingerprints.lua 2011-07-01 04:10:48.000000000 -0700
+++ /home/cldrn/projects/nmap/src/nselib/data/http-fingerprints.lua 2011-06-26 22:39:02.000000000 -0700
@@ -181,7 +181,6 @@
{match='', output='Aastra IP Phone'}
}
})
-
table.insert(fingerprints, {
category='general',
probes={
@@ -205,66 +204,6 @@
table.insert(fingerprints, {
category='general',
probes={
- {path='/tools_admin.php', method='HEAD'}
- },
- matches= {
- {match='', output='D-Link DIR-300'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/bsc_lan.php', method='HEAD'}
- },
- matches= {
- {match='', output='D-Link DIR-300, DIR-320, DIR-615 revD'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/Manage.tri', method='HEAD'}
- },
- matches= {
- {match='', output='Linksys WRT54G2'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='//system.html', method='GET'}
- },
- matches= {
- {match='', output='CMNC-200 IP Camera'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/main_configure.cgi', method='GET'}
- },
- matches= {
- {match='', output='Intellinet IP Camera'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/OvCgi/Toolbar.exe', method='HEAD'}
- },
- matches= {
- {match='', output='HP OpenView Network Node Manager'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
{path='/frontend/x3/', method='GET'}
},
matches= {
@@ -338,56 +277,6 @@
table.insert(fingerprints, {
category='general',
probes={
- {path='/LightNEasy.php?do=login', method='GET'}
- },
- matches= {
- {match='', output='LightNEasy'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/channel_detail.php', method='GET'}
- },
- matches= {
- {match='', output='DzTube'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/cgi-bin/vcs', method='GET'}
- },
- matches= {
- {match='', output='Mitel Audio and Web Conferencing (AWC)'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/ocsreports/', method='GET'}
- },
- matches= {
- {match='', output='OCS Inventory'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/vbseo.php', method='GET'}
- },
- matches= {
- {match='', output='vBSEO'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
{path='/forum/', method='HEAD'},
{path='/forums/', method='HEAD'},
{path='/smf/', method='HEAD'},
@@ -409,7 +298,6 @@
{path='/CFIDE/componentutils/login.cfm', method='HEAD'},
{path='/admin.php', method='HEAD'},
{path='/admin/', method='HEAD'},
- {path='/admin/admin/'. method='HEAD'},
{path='/administrator/', method='HEAD'},
{path='/moderator/', method='HEAD'},
{path='/webadmin/', method='HEAD'},
@@ -446,11 +334,9 @@
{path='/admin_area/login.html', method='HEAD'},
{path='/admin_area/index.html', method='HEAD'},
{path='/admin/controlpanel.php', method='HEAD'},
- {path='/admincp/', method='HEAD'},
{path='/admincp/index.asp', method='HEAD'},
{path='/admincp/login.asp', method='HEAD'},
{path='/admincp/index.html', method='HEAD'},
- {path='/admincp/login.php', method='HEAD'},
{path='/admin/account.html', method='HEAD'},
{path='/adminpanel.html', method='HEAD'},
{path='/webadmin.html', method='HEAD'},
@@ -863,15 +749,7 @@
{path='/AdminLogin.jsp', method='HEAD'},
{path='/AdminLogin.aspx', method='HEAD'},
{path='/AdminLogin.cfm', method='HEAD'},
- {path='/admin108/', method='HEAD'},
- {path='/pec_admin/', method='HEAD'},
- {path='/system/admin/', method='HEAD'},
- {path='/plog-admin/', method='HEAD'},
- {path='/ESAdmin/', method='HEAD'},
- {path='/axis2-admin/', method='HEAD'},
- {path='/webadmin.php', method='HEAD'},
- {path='/_sys/', method='HEAD'},
- {path='/admin_cp.asp', method='HEAD'}
+ {path='/admin108/', method='HEAD'}
},
matches={
{match='
Index of', output='Possible admin folder w/ directory listing'},
@@ -891,9 +769,7 @@
{path='/backups/', method='GET'},
{path='/bak/', method='GET'},
{path='/back/', method='GET'},
- {path='/cache/backup/', method='GET'},
- {path='/admin/backup/', method='GET'},
- {path='/dbbackup.txt', method='GET'}
+ {path='/cache/backup/', method='GET'}
},
matches={
{match='Index of', output='Backup folder w/ directory listing'},
@@ -904,30 +780,6 @@
table.insert(fingerprints, {
category='general',
probes={
- {path='/b.sql', method='GET'},
- {path='/db.sql', method='GET'},
- {path='/ddb.sql', method='GET'},
- {path='/users.sql', method='GET'},
- {path='/database.sql', method='GET'},
- {path='/mysql.sql', method='GET'},
- {path='/dump.sql', method='GET'},
- {path='/respaldo.sql', method='GET'},
- {path='/data.sql', method='GET'},
- {path='/old.sql', method='GET'},
- {path='/usuarios.sql', method='GET'},
- {path='/bdb.sql', method='GET'},
- {path='/1.sql', method='GET'},
- {path='/admin/download/backup.sql', method='HEAD'}
-
- },
- matches={
- {match='', output='Possible database backup'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
{path='/atom/', method='HEAD'},
{path='/atom.aspx', method='HEAD'},
{path='/atom.php', method='HEAD'},
@@ -1125,36 +977,6 @@
table.insert(fingerprints, {
category='general',
probes={
- {path='/admin/upload.php', method='HEAD'}
- },
- matches= {
- {match='', output='Admin File Upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/upload_multiple_js.php', method='HEAD'}
- },
- matches= {
- {match='', output='NAS Uploader'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/uploadtester.asp', method='HEAD'}
- },
- matches= {
- {match='', output='Free ASP Upload Shell'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
{path='/info.php', method='HEAD'}
},
matches= {
@@ -1225,712 +1047,259 @@
table.insert(fingerprints, {
category='general',
probes={
- {path='/tools_admin.cgi?', method='HEAD'}
+ {path='/confirminvite.php', method='HEAD'}
},
matches= {
- {match='', output='D-Link WBR-1310'}
+ {match='', output='phpMyBitTorrent'}
}
})
table.insert(fingerprints, {
category='general',
probes={
- {path='/browserId/wizardForm.jhtml', method='HEAD'},
- {path='/webline/html/forms/callback.jhtml', method='HEAD'},
- {path='/webline/html/forms/callbackICM.jhtml', method='HEAD'},
- {path='/webline/html/agent/AgentFrame.jhtml', method='HEAD'},
- {path='/webline/html/agent/default/badlogin.jhtml', method='HEAD'},
- {path='/callme/callForm.jhtml', method='HEAD'},
- {path='/webline/html/multichatui/nowDefunctWindow.jhtml', method='HEAD'},
- {path='/browserId/wizard.jhtml', method='HEAD'},
- {path='/admin/CiscoAdmin.jhtml', method='HEAD'},
- {path='/msccallme/mscCallForm.jhtml', method='HEAD'},
- {path='/webline/html/admin/wcs/LoginPage.jhtml', method='HEAD'}
+ {path='/sourcebans/', method='HEAD'}
},
matches= {
- {match='', output='Cisco Collaboration Server'}
+ {match='', output='SourceBans - Steam server application'}
}
})
table.insert(fingerprints, {
category='general',
probes={
- {path='/restoreinfo.cgi', method='HEAD'}
+ {path='/swfupload/index.php', method='HEAD'}
},
matches= {
- {match='', output='Sagem router'}
+ {match='', output='SWFUpload'}
}
})
table.insert(fingerprints, {
category='general',
probes={
- {path='/confirminvite.php', method='HEAD'}
+ {path='/mymarket/shopping/index.php', method='HEAD'}
},
matches= {
- {match='', output='phpMyBitTorrent'}
+ {match='', output='MyMarket'}
}
})
+
+------------------------------------------------
+---- SECURITY SOFTWARE ----
+------------------------------------------------
+-- These checks will find specific installed software. If possible, it will also
+-- find versions, etc.
+
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/sourcebans/', method='HEAD'}
+ {path='/arcsight/', method='HEAD'},
+ {path='/arcsight/images/logo-login-arcsight.gif', method='HEAD'},
+ {path='/arcsight/images/navbar-icon-logout-on.gif', method='HEAD'},
+ {path='/images/logo-arcsight.gif', method='HEAD'},
+ {path='/logger/monitor.ftl', method='HEAD'},
},
matches= {
- {match='', output='SourceBans - Steam server application'}
+ {output='Arcsight'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/swfupload/index.php', method='HEAD'}
+ {path='/beef/', method='HEAD'},
+ {path='/BEEF/', method='HEAD'},
+ {path='/beef/images/beef.gif', method='HEAD'}
},
matches= {
- {match='', output='SWFUpload'}
+ {output='BeEF Browser Exploitation Framework'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/mymarket/shopping/index.php', method='HEAD'}
+ {path='/gfx/form_top_left_corner.gif', method='HEAD'},
+ {path='/gfx/logout_24.png', method='HEAD'},
+ {path='/gfx/new_logo.gif', method='HEAD'},
+ {path='/javascript/sorttable.js', method='HEAD'}
},
matches= {
- {match='', output='MyMarket'}
+ {match='', output='Secunia NSI'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/myshop_start.php', method='HEAD'}
+ {path='/images/btn_help_nml.gif', method='HEAD'},
+ {path='/images/hdr_icon_homeG.gif', method='HEAD'},
+ {path='/spControl.php', method='HEAD'},
+ {path='/images/isslogo.gif', method='HEAD'},
+ {path='/deploymentmanager/', method='HEAD'},
},
matches= {
- {match='', output='FozzCom shopping'}
+ {match='', output='IBM Proventia'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/piranha/secure/passwd.php3', method='HEAD'}
+ {path='/i18n/EN/css/foundstone.css', method='HEAD'},
+ {path='/i18n/EN/images/external_nav_square.gif', method='HEAD'},
},
matches= {
- {match='', output='RedHat Piranha Virtual Server'}
+ {match='', output='Foundstone'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/cgi-bin/ck/mimencode', method='HEAD'}
+ {path='/officescan/console/html/cgi/cgiChkMasterPwd.exe', method='HEAD'},
+ {path='/officescan/console/html/ClientInstall/officescannt.htm', method='HEAD'},
+ {path='/officescan/console/html/images/icon_refresh.gif', method='HEAD'},
},
matches= {
- {match='', output='ContentKeeper Web Appliance'}
+ {match='', output='Trend Micro OfficeScan Server'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/cgi-bin/masterCGI?', method='HEAD'}
+ {path='/picts/BC_bwlogorev.gif', method='HEAD'},
+ {path='/picts/menu_leaf.gif', method='HEAD'},
},
matches= {
- {match='', output='Alcatel-Lucent OmniPCX Enterprise'}
+ {match='', output='BlueCoat Reporter'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/tiny_mce/plugins/filemanager/', method='HEAD'}
+ {path='/theme/images/en/login1.gif', method='HEAD'},
},
matches= {
- {match='', output='Tiny MCE File Upload'}
+ {match='', output='Fortinet VPN/Firewall'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/upload/scp/ajax.php', method='HEAD'}
+ {path='/', method='GET'},
},
matches= {
- {match='', output='osTicket / AJAX File Upload'}
+ {match='id="NessusClient"', output='Nessus'},
+ {match='NessusClient.swf', output='Nessus'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='security',
probes={
- {path='/cgi-mod/view_help.cgi', method='HEAD'}
+ {path='/NessusClient.swf', method='HEAD'},
},
matches= {
- {match='', output='Barracuda Networks Spam & Virus Firewall'}
+ {match='', output='Nessus'}
}
})
+------------------------------------------------
+---- MANAGEMENT SOFTWARE ----
+------------------------------------------------
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/cgi-mod/index.cgi', method='HEAD'}
+ {path='/vmware/', method='HEAD'},
+ {path='/vmware/imx/vmware_boxes-16x16.png', method='HEAD'},
+ {path='/ui/', method='HEAD'},
+ {path='/ui/imx/vmwareLogo-16x16.png', method='HEAD'},
+ {path='/ui/imx/vmwarePaperBagLogo-16x16.png', method='HEAD'},
+ {path='/ui/vManage.do', method='HEAD'},
+ {path='/client/VMware-viclient.exe', method='HEAD'},
+ {path='/en/welcomeRes.js', method='HEAD'}
},
matches= {
- {match='', output='Barracuda Web Application Firewall'}
+ {output='VMWare'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/cgi-mod/smtp_test.cgi', method='HEAD'}
+ {path='/citrix/', method='HEAD'},
+ {path='/Citrix/', method='HEAD'},
+ {path='/Citrix/MetaFrame/auth/login.aspx', method='HEAD'},
+ {path='/images/ctxHeader01.jpg', method='HEAD'},
+ {path='/images/Safeword_Token.jpg', method='HEAD'},
+ {path='/sw/auth/login.aspx', method='HEAD'},
+ {path='/vpn/images/AccessGateway.ico', method='HEAD'},
+ {path='/citrix/AccessPlatform/auth/clientscripts/', method='HEAD'},
+ {path='/AccessPlatform/auth/clientscripts/', method='HEAD'},
+ {path='/Citrix//AccessPlatform/auth/clientscripts/cookies.js', method='HEAD'},
+ {path='/Citrix/AccessPlatform/auth/clientscripts/login.js', method='HEAD'},
+ {path='/Citrix/PNAgent/config.xml', method='HEAD'},
},
matches= {
- {match='', output='Barracuda IM Firewall'}
+ {output='Citrix'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/TopToolArea.html', method='HEAD'},
- {path='/switchSystem.html', method='HEAD'}
+ {path='/cgi-bin/image/shikaku2.png', method='HEAD'},
},
matches= {
- {match='', output='Alteon OS BBI (Nortell)'}
+ {match='', output='TeraStation PRO RAID 0/1/5 Network Attached Storage'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/intruvert/jsp/module/Login.jsp', method='HEAD'}
+ {path='/config/public/usergrp.gif', method='HEAD'},
+ {path='/pictures/buttons/file_view_mark.gif', method='HEAD'},
},
matches= {
- {match='', output='McAfee Network Security Manager'}
+ {match='', output='AXIS StorPoint'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/ajaxfilemanager/', method='HEAD'}
+ {path='/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=', method='HEAD'},
+ {path='/hplogo.gif', method='HEAD'},
},
matches= {
- {match='', output='AJAX File Manager'}
+ {match='', output='HP System Management Homepage'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/upload/data/settings.cdb', method='HEAD'}
+ {path='/ie_index.htm', method='HEAD'},
+ {path='/ilo.gif', method='HEAD'},
},
matches= {
- {match='', output='CF Image Hosting DB'}
+ {match='', output='HP Integrated Lights Out'}
}
})
table.insert(fingerprints, {
- category='general',
+ category='management',
probes={
- {path='/fm.php', method='HEAD'}
+ {path='/images/icon_server_connected.gif', method='HEAD'},
},
matches= {
- {match='', output='Simple File Manager'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/nagios3/cgi-bin/statuswml.cgi', method='GET'},
- {path='/nagios3/', method='GET'}
- },
- matches= {
- {match='', output='Nagios3'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/test/logon.html', method='HEAD'}
- },
- matches= {
- {match='', output='Jetty'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/cal_cat.php', method='HEAD'},
- {path='/calendar/cal_cat.php', method='HEAD'},
- {path='/cal/cal_cat.php', method='HEAD'}
- },
- matches= {
- {match='', output='Calendarix'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/private/sdc.tgz', method='GET'}
- },
- matches= {
- {match='', output='IBM Bladecenter Management Logs'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/cacti/', method='GET'}
- },
- matches= {
- {match='', output='Cacti Web Monitoring'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/cgi-bin/awstats.pl', method='GET'}
- },
- matches= {
- {match='', output='AWStats'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/wiki/rankings.php', method='GET'}
- },
- matches= {
- {match='', output='Bit Weaver'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/reqdetails.php', method='GET'}
- },
- matches= {
- {match='', output='BtiTracker'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/shared/help.php', method='GET'}
- },
- matches= {
- {match='', output='OpenBiblio/WebBiblio Subject Gateway System'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/seti.php', method='GET'}
- },
- matches= {
- {match='', output='PHP SETI@home'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/imc/', method='GET'},
- {path='/imcws/', method='GET'}
- },
- matches= {
- {match='', output='3Com Intelligent Management Center'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/partymgr/', method='GET'}
- },
- matches= {
- {match='', output='Apache OFBiz'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/Base/upload.php', method='GET'}
- },
- matches= {
- {match='', output='MassMirror Uploader'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/YUI-upload/html', method='GET'}
- },
- matches= {
- {match='', output='YUI Images / File Upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/tools/filemanager/skins/mobile/admin1.template.php', method='GET'}
- },
- matches= {
- {match='', output='MassMirror Uploader'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/Uploadify/', method='GET'}
- },
- matches= {
- {match='', output='Uploadify'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/syssite/', method='HEAD'}
- },
- matches= {
- {match='', output='ShopEx'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/updown.php', method='HEAD'}
- },
- matches= {
- {match='', output='PHP Uploader Downloader'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/modules/docmanager/doctypetemplates/myuploadedfile', method='HEAD'}
- },
- matches= {
- {match='', output='Achievo'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/ReqWebHelp/advanced/workingSet.jsp', method='HEAD'}
- },
- matches= {
- {match='', output='IBM Rational RequisitePro/ReqWebHelp'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/dhost/', method='HEAD'}
- },
- matches= {
- {match='', output='Novell eDirectory'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/engine/api/api.class.php', method='HEAD'}
- },
- matches= {
- {match='', output='DatalifeEngine'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/jsft_resource.jsf', method='HEAD'},
- {path='/scales_static_resource.jsf', method='HEAD'}
- },
- matches= {
- {match='', output='JSFTemplating/Mojarra Scales/GlassFish Application Server'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/setup/password_required.html', method='HEAD'}
- },
- matches= {
- {match='', output='2WIRE GATEWAY'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/zp-core/', method='HEAD'}
- },
- matches= {
- {match='', output='Zen Photo'}
- }
-})
-
-table.insert(fingerprints, {
- category='general',
- probes={
- {path='/amember/', method='HEAD'}
- },
- matches= {
- {match='', output='aMember'}
- }
-})
-------------------------------------------------
----- SECURITY SOFTWARE ----
-------------------------------------------------
--- These checks will find specific installed software. If possible, it will also
--- find versions, etc.
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/arcsight/', method='HEAD'},
- {path='/arcsight/images/logo-login-arcsight.gif', method='HEAD'},
- {path='/arcsight/images/navbar-icon-logout-on.gif', method='HEAD'},
- {path='/images/logo-arcsight.gif', method='HEAD'},
- {path='/logger/monitor.ftl', method='HEAD'},
- },
- matches={
- {output='Arcsight'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/beef/', method='HEAD'},
- {path='/BEEF/', method='HEAD'},
- {path='/beef/images/beef.gif', method='HEAD'}
- },
- matches={
- {output='BeEF Browser Exploitation Framework'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/gfx/form_top_left_corner.gif', method='HEAD'},
- {path='/gfx/logout_24.png', method='HEAD'},
- {path='/gfx/new_logo.gif', method='HEAD'},
- {path='/javascript/sorttable.js', method='HEAD'}
- },
- matches= {
- {match='', output='Secunia NSI'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/images/btn_help_nml.gif', method='HEAD'},
- {path='/images/hdr_icon_homeG.gif', method='HEAD'},
- {path='/spControl.php', method='HEAD'},
- {path='/images/isslogo.gif', method='HEAD'},
- {path='/deploymentmanager/', method='HEAD'},
- },
- matches= {
- {match='', output='IBM Proventia'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/i18n/EN/css/foundstone.css', method='HEAD'},
- {path='/i18n/EN/images/external_nav_square.gif', method='HEAD'},
- },
- matches= {
- {match='', output='Foundstone'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/officescan/console/html/cgi/cgiChkMasterPwd.exe', method='HEAD'},
- {path='/officescan/console/html/ClientInstall/officescannt.htm', method='HEAD'},
- {path='/officescan/console/html/images/icon_refresh.gif', method='HEAD'},
- },
- matches= {
- {match='', output='Trend Micro OfficeScan Server'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/picts/BC_bwlogorev.gif', method='HEAD'},
- {path='/picts/menu_leaf.gif', method='HEAD'},
- },
- matches= {
- {match='', output='BlueCoat Reporter'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/theme/images/en/login1.gif', method='HEAD'},
- },
- matches={
- {match='', output='Fortinet VPN/Firewall'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/', method='GET'},
- },
- matches={
- {match='id="NessusClient"', output='Nessus'},
- {match='NessusClient.swf', output='Nessus'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/NessusClient.swf', method='HEAD'},
- },
- matches={
- {match='', output='Nessus'}
- }
-})
-
-table.insert(fingerprints, {
- category='security',
- probes={
- {path='/dotDefender/', method='HEAD'},
- },
- matches={
- {match='', output='dotDefender Web Application Firewall'}
- }
-})
-------------------------------------------------
----- MANAGEMENT SOFTWARE ----
-------------------------------------------------
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/vmware/', method='HEAD'},
- {path='/vmware/imx/vmware_boxes-16x16.png', method='HEAD'},
- {path='/ui/', method='HEAD'},
- {path='/ui/imx/vmwareLogo-16x16.png', method='HEAD'},
- {path='/ui/imx/vmwarePaperBagLogo-16x16.png', method='HEAD'},
- {path='/ui/vManage.do', method='HEAD'},
- {path='/client/VMware-viclient.exe', method='HEAD'},
- {path='/en/welcomeRes.js', method='HEAD'}
- },
- matches={
- {output='VMWare'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/citrix/', method='HEAD'},
- {path='/Citrix/', method='HEAD'},
- {path='/Citrix/MetaFrame/auth/login.aspx', method='HEAD'},
- {path='/images/ctxHeader01.jpg', method='HEAD'},
- {path='/images/Safeword_Token.jpg', method='HEAD'},
- {path='/sw/auth/login.aspx', method='HEAD'},
- {path='/vpn/images/AccessGateway.ico', method='HEAD'},
- {path='/citrix/AccessPlatform/auth/clientscripts/', method='HEAD'},
- {path='/AccessPlatform/auth/clientscripts/', method='HEAD'},
- {path='/Citrix//AccessPlatform/auth/clientscripts/cookies.js', method='HEAD'},
- {path='/Citrix/AccessPlatform/auth/clientscripts/login.js', method='HEAD'},
- {path='/Citrix/PNAgent/config.xml', method='HEAD'},
- },
- matches={
- {output='Citrix'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/cgi-bin/image/shikaku2.png', method='HEAD'},
- },
- matches= {
- {match='', output='TeraStation PRO RAID 0/1/5 Network Attached Storage'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/config/public/usergrp.gif', method='HEAD'},
- {path='/pictures/buttons/file_view_mark.gif', method='HEAD'},
- },
- matches= {
- {match='', output='AXIS StorPoint'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=', method='HEAD'},
- {path='/hplogo.gif', method='HEAD'},
- },
- matches= {
- {match='', output='HP System Management Homepage'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/ie_index.htm', method='HEAD'},
- {path='/ilo.gif', method='HEAD'},
- },
- matches= {
- {match='', output='HP Integrated Lights Out'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/images/icon_server_connected.gif', method='HEAD'},
- },
- matches= {
- {match='', output='HP Blade Enclosure'}
+ {match='', output='HP Blade Enclosure'}
}
})
@@ -2035,7 +1404,7 @@
table.insert(fingerprints, {
category='management',
probes={
- {path='/Dashboard/Dashboard.html', method='GET'}
+ {path='/Dashboard/Dashboard.html', method='GET'},
},
matches= {
{match='Server: Kodak-RulesBasedAutomation', output='Prinergy Dashboard Client Login'},
@@ -2043,45 +1412,7 @@
}
})
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/flexfm/', method='HEAD'}
- },
- matches= {
- {match='', output='Flex File Manager'}
- }
-})
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/lib/usermanagement/userInfo.php', method='HEAD'}
- },
- matches= {
- {match='', output='Testlink TestManagement'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/security/xamppsecurity.php', method='HEAD'}
- },
- matches= {
- {match='', output='XAMPP'}
- }
-})
-
-table.insert(fingerprints, {
- category='management',
- probes={
- {path='/dm-albums/dm-albums.php', method='HEAD'}
- },
- matches= {
- {match='', output='DM FileManager'}
- }
-})
------------------------------------------------
---- PRINTERS, WEBCAMS, PROJECTORS ----
------------------------------------------------
@@ -2157,89 +1488,12 @@
------------------------------------------------
---- DATABASES ----
------------------------------------------------
-
---phpmyadmin db taken from http://milw0rm.com/exploits/8921
table.insert(fingerprints, {
category='database',
probes={
{path='/phpmyadmin/', method='HEAD'},
{path='/phpMyAdmin/', method='HEAD'},
- {path='/PHPMyAdmin/', method='HEAD'},
- {path='/PMA/', method='HEAD'},
- {path='/pma/', method='HEAD'},
- {path='/dbadmin/', method='HEAD'},
- {path='/myadmin/', method='HEAD'},
- {path='/php-my-admin/', method='HEAD'},
- {path='/phpMyAdmin2/', method='HEAD'},
- {path='/phpMyAdmin-2/', method='HEAD'},
- {path='/phpMyAdmin-2.2.3/', method='HEAD'},
- {path='/phpMyAdmin-2.2.6/', method='HEAD'},
- {path='/phpMyAdmin-2.5.1/', method='HEAD'},
- {path='/phpMyAdmin-2.5.4/', method='HEAD'},
- {path='/phpMyAdmin-2.5.5-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.5.5-rc2/', method='HEAD'},
- {path='/phpMyAdmin-2.5.5/', method='HEAD'},
- {path='/phpMyAdmin-2.5.5-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.5.6-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.5.6-rc2/', method='HEAD'},
- {path='/phpMyAdmin-2.5.6/', method='HEAD'},
- {path='/phpMyAdmin-2.5.7/', method='HEAD'},
- {path='/phpMyAdmin-2.5.7-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-alpha/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-alpha2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-beta1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-beta2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-rc2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-rc3/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-pl2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.0-pl3/', method='HEAD'},
- {path='/phpMyAdmin-2.6.1-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.1-rc2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.1-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.1-pl2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.1-pl3/', method='HEAD'},
- {path='/phpMyAdmin-2.6.2-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.2-beta1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.2-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.2-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.3/', method='HEAD'},
- {path='/phpMyAdmin-2.6.3-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.3/', method='HEAD'},
- {path='/phpMyAdmin-2.6.3-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.4-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.4-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.6.4-pl2/', method='HEAD'},
- {path='/phpMyAdmin-2.6.4-pl3/', method='HEAD'},
- {path='/phpMyAdmin-2.6.4-pl4/', method='HEAD'},
- {path='/phpMyAdmin-2.6.4/', method='HEAD'},
- {path='/phpMyAdmin-2.7.0-beta1/', method='HEAD'},
- {path='/phpMyAdmin-2.7.0-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.7.0-pl1/', method='HEAD'},
- {path='/phpMyAdmin-2.7.0-pl2/', method='HEAD'},
- {path='/phpMyAdmin-2.7.0/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0-beta1/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0-rc2/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0.1/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0.2/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0.3/', method='HEAD'},
- {path='/phpMyAdmin-2.8.0.4/', method='HEAD'},
- {path='/phpMyAdmin-2.8.1-rc1/', method='HEAD'},
- {path='/phpMyAdmin-2.8.1/', method='HEAD'},
- {path='/phpMyAdmin-2.8.2/', method='HEAD'},
- {path='/sqlmanager/', method='HEAD'},
- {path='/php-myadmin/', method='HEAD'},
- {path='/phpmy-admin/', method='HEAD'},
- {path='/mysqladmin/', method='HEAD'},
- {path='/mysql-admin/', method='HEAD'},
- {path='/websql/', method='HEAD'},
- {path='/_phpmyadmin/', method='HEAD'}
+ {path='/PHPMyAdmin/', method='HEAD'}
},
matches={
{output='phpMyAdmin'}
@@ -2430,7 +1684,6 @@
{path='/lists/mycomments.aspx', method='HEAD'},
{path='/_layouts/userdisp.aspx', method='HEAD'},
{path='/_layouts/help.aspx', method='HEAD'},
- {path='/_layouts/download.aspx', method='HEAD'}
},
matches= {
{match='', output='MS Sharepoint'}
@@ -2672,17 +1925,7 @@
{path='/Info.live.htm', method='GET'}
},
matches={
- {match='200', output='Possible DD-WRT router Information Disclosure (OSVDB 70230)'}
- }
-})
-
-table.insert(fingerprints, {
- category='attacks',
- probes={
- {path='/CuteSoft_Client/CuteEditor/Load.ashx?type=image&file=../../../web.config', method='GET'}
- },
- matches={
- {match='200', output='Cute Editor ASP.NET Remote File Disclosure ( CVE 2009-4665 )'}
+ {match='200', output='Possible DD-WRT router Information Disclosure (OSVDB 70230)'}
}
})
------------------------------------------------
@@ -2992,341 +2235,6 @@
}
})
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/system/admin/header.php', method='GET'},
- {path='/system/admin/comments_items.php', method='GET'}
- },
- matches= {
- {match='', output='Habari Blog'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/scripts/fckeditor/editor/filemanager/connectors/test.html', method='GET'},
- {path='/scripts/fckeditor/editor/filemanager/connectors/uploadtest.html', method='GET'}
- },
- matches= {
- {match='', output='Digitalus CMS/FCKEditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/fckeditor/editor/filemanager/connectors/test.html', method='GET'}
- },
- matches= {
- {match='', output='phpmotion/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/fckeditor/editor/filemanager/upload/test.html', method='GET'}
- },
- matches= {
- {match='', output='Geeklog/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html', method='GET'}
- },
- matches= {
- {match='', output='OpenCart/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html', method='GET'}
- },
- matches= {
- {match='', output='DM File Manager/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html', method='GET'}
- },
- matches= {
- {match='', output='DM File Manager/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php', method='HEAD'},
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/asp/connector.asp', method='HEAD'},
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx', method='HEAD'},
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/cfm/connector.cfm', method='HEAD'},
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/lasso/connector.lasso', method='HEAD'},
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/perl/connector.cgi', method='HEAD'},
- {path='/includes/FCKeditor/editor/filemanager/browser/default/connectors/py/connector.py', method='HEAD'}
- },
- matches= {
- {match='', output='PHPnuke/Remote File Download'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/FCKEditor/editor/filemanager/browser/default/connectors/test.html', method='GET'}
- },
- matches= {
- {match='', output='EgO or osCMax/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/admin/includes/tiny_mce/plugins/tinybrowser/upload.php', method='GET'}
- },
- matches= {
- {match='', output='CompactCMS or B-Hind CMS/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/Backstage/Components/FreeTextBox/ftb.imagegallery.aspx', method='HEAD'}
- },
- matches= {
- {match='', output='Luftguitar CMS/File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/_plugin/fckeditor/editor/filemanager/connectors/test.html', method='HEAD'}
- },
- matches= {
- {match='', output='SweetRice/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/html/news_fckeditor/editor/filemanager/upload/php/upload.php', method='HEAD'}
- },
- matches= {
- {match='', output='cardinalCms/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/fckeditor/editor/filemanager/connectors/test.html', method='HEAD'}
- },
- matches= {
- {match='', output='LightNEasy/FCKeditor File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/admin/includes/FCKeditor/editor/filemanager/upload/test.html', method='HEAD'}
- },
- matches= {
- {match='', output='ASP Simple Blog / FCKeditor File Upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/uploadsnaps.php', method='HEAD'}
- },
- matches= {
- {match='', output='ZeeMatri/File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/upload/includes/js/files/upload.php', method='HEAD'}
- },
- matches= {
- {match='', output='Digital College/File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/tinybrowser/upload.php', method='HEAD'}
- },
- matches= {
- {match='', output='Tinybrowser Remote File Upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/editor/editor/filemanager/upload/test.html', method='HEAD'}
- },
- matches= {
- {match='', output='Tadbir / File Upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/photogallery_open.php', method='HEAD'}
- },
- matches= {
- {match='', output='Heaven Soft CMS'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx', method='HEAD'}
- },
- matches= {
- {match='', output='DotNetNuke / File Upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/assetmanager/assetmanager.asp', method='HEAD'}
- },
- matches= {
- {match='', output='Asset Manager/Remote File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/Final/login/ava_upl.php', method='HEAD'},
- {path='/Final/login/ava_upl2.php', method='HEAD'}
- },
- matches= {
- {match='', output='Asset Manager/Remote File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/spaw/demo.php', method='HEAD'}
- },
- matches= {
- {match='', output='SpawCMS/Remote File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/admin/jscript/upload.php', method='HEAD'},
- {path='/admin/jscript/upload.html', method='HEAD'},
- {path='/admin/jscript/upload.pl', method='HEAD'},
- {path='/admin/jscript/upload.asp', method='HEAD'}
- },
- matches= {
- {match='', output='Lizard Cart/Remote File upload'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/databases/acidcat_3.mdb', method='HEAD'}
- },
- matches= {
- {match='', output='Acidcat CMS Database'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/mdb-database/dblog.mdb', method='HEAD'}
- },
- matches= {
- {match='', output='dBlog Database'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/db/users.mdb', method='HEAD'},
- {path='/db/'}
- },
- matches= {
- {match='', output='BlogWorx Database'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/infusions/avatar_studio/avatar_studio.php', method='HEAD'}
- },
- matches= {
- {match='', output='PHP-Fusion Mod avatar_studio'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/bnnr.php', method='HEAD'},
- {path='/vb/bnnr.php', method='HEAD'}
- },
- matches= {
- {match='', output='PHP-Fusion Mod avatar_studio'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/bnnr.php', method='HEAD'},
- {path='/vb/bnnr.php', method='HEAD'},
- {path='/forum/bnnr.php', method='HEAD'}
- },
- matches= {
- {match='', output='vBulletin ads_saed'}
- }
-})
-
-table.insert(fingerprints, {
- category='cms',
- probes={
- {path='/weblink_cat_list.php', method='HEAD'}
- },
- matches= {
- {match='', output='WHMCompleteSolution CMS'}
- }
-})
------------------------------------------------
---- UNCATEGORIZED ----