---HTTP Fingerprint files, compiled by Ron Bowes with a special thanks to... -- o Kevin Johnson (@secureideas) for the fingerprints that come with Yokoso -- http://yokoso.inguardians.com -- o Jason H. (@jhaddix) for helping out with a whole pile of fingerprints he's -- collected -- o Bob Dooling -- o Robert Rowley for the awesome open source cms and README checks -- http://www.irvineunderground.org -- -- This file is released under the Nmap license; see: -- http://nmap.org/book/man-legal.html -- -- Although this format was originally modeled after the Nikto format, that ended -- up being too restrictive. The current format is a simple Lua table. There are many -- advantages to this technique; it's powerful, we don't need to write custom parsing -- code, anybody who codes in Lua can easily add checks, and we can write converters -- to read Nikto and other formats if we want to. -- -- The 'fingerprints' table is the key. It's an array of checks that will be run in the -- order they're given. Each check consists of a path, zero or more matches, output text, -- and other optional fields. Here are all the currently defined fields: -- -- fingerprint.probes -- A list of one or more probes to send to the server. Each probe is either a table containing -- the key 'path' (and potentially others), or it's a string indicating the path. -- -- fingerprint.probes[i].path -- The URI to check, optionally containing GET arguments. This should start with a '/' -- and, if it's a directory, end with a '/'. -- -- fingerprint.probes[i].method [optional; default: 'GET'}}] -- The HTTP method to use when making requests ('GET'}}, 'POST', 'HEAD', 'PUT', 'DELETE', etc -- -- fingerprint.ignore_404 [optional; default: false] -- If set, the automatic checks for 404 and custom 404 pages are disabled for that check. -- Every page will be included unless fingerprint.matches.dontmatch excludes it. -- -- fingerprint.severity [optional; default: 1] -- Give a severity rating, if it's a vulnerability. The scale is: -- 1 - Info -- 2 - Low priority -- 3 - Warning -- 4 - Critical -- -- fingerprint.matches -- An array of tables, each of which contains three fields. These will be checked, starting -- from the first, until one is matched. If there is no 'match' text, it will fire as long -- as the result isn't a 404. This match is not case sensitive. -- -- fingerprint.matches[i].match -- A string (specifically, a Lua pattern) that has to be found somewhere in the output to -- count as a match. The string can be in the status line, in a header, or in the body. -- In addition to matching, this field can contain captures that'll be included in the -- output. See: http://lua-users.org/wiki/PatternsTutorial -- -- fingerprint.matches[i].dontmatch -- A string (specifically, a lua pattern) that cannot be found somewhere in the output. -- This takes precedence over any text matched in the 'match' field -- -- fingerprint.matches[i].output -- The text to output if this match happens. If the 'match' field contains captures, these -- captures can be used with \1, \2, etc. -- -- -- If you have any questions, feel free to email nmap-dev@insecure.org or contact Ron Bowes! -- -- CHANGELOG: -- Added 120 new signatures taken from exploit-db.com archives from July 2009 to July 2011 [Paulino Calderon] -- fingerprints = {} ------------------------------------------------ ---- GENERAL CHECKS ---- ------------------------------------------------ -- These are checks for generic paths, like /wiki, /images, /admin, etc table.insert(fingerprints, { category='general', probes={ {path='/', method='GET'} }, matches={ {match='Index of .*(Apache.*) Server at', output='Root directory w/ listing on \'\\1\''}, {match='<title>Index of', output='Root directory w/ directory listing'} } }) table.insert(fingerprints, { category='general', probes={ {path='/blog/', method='HEAD'}, {path='/weblog/', method='HEAD'}, {path='/weblogs/', method='HEAD'}, {path='/wordpress/', method='HEAD'} }, matches={ {output='Blog'} } }) table.insert(fingerprints, { category='general', probes={ {path='/wiki/', method='HEAD'}, {path='/mediawiki/', method='HEAD'}, {path='/wiki/Main_Page', method='HEAD'} }, matches={ {output='Wiki'} } }) table.insert(fingerprints, { category='general', probes={ {path='/tikiwiki/', method='HEAD'} }, matches={ {output='Tikiwiki'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-bin/mj_wwwusr', method='HEAD'}, {path='/majordomo/mj_wwwusr', method='HEAD'} }, matches= { {match='', output='Majordomo2 Mailing List'} } }) table.insert(fingerprints, { category='general', probes={ {path='/j2ee/examples/servlets/', method='HEAD'}, {path='/j2ee/examples/jsp/', method='HEAD'} }, matches= { {match='', output='Oracle j2ee examples'} } }) table.insert(fingerprints, { category='general', probes={ {path='/dsc/', method='HEAD'} }, matches= { {match='', output='Trend Micro Data Loss Prevention Virtual Appliance'} } }) table.insert(fingerprints, { category='general', probes={ {path='/reg_1.htm', method='HEAD'} }, matches= { {match='', output='Polycom IP phone'} } }) table.insert(fingerprints, { category='general', probes={ {path='/adr.htm', method='HEAD'}, {path='/line_login.htm?l=1', method='HEAD'}, {path='/tbook.csv', method='HEAD'} }, matches= { {match='', output='Snom IP Phone'} } }) table.insert(fingerprints, { category='general', probes={ {path='/globalSIPsettings.html', method='HEAD'}, {path='/SIPsettingsLine1.html', method='HEAD'} }, matches= { {match='', output='Aastra IP Phone'} } }) table.insert(fingerprints, { category='general', probes={ {path='/websvn/', method='HEAD'} }, matches= { {match='', output='WEBSVN Repository'} } }) table.insert(fingerprints, { category='general', probes={ {path='/repos/', method='GET'}, {path='/repo/', method='GET'}, {path='/svn/', method='GET'}, {path='/cvs/', method='GET'} }, matches= { {match='realm=".-Subversion.-"', output='Subversion Repository'}, {match='', output='Possible code repository'} } }) table.insert(fingerprints, { category='general', probes={ {path='/archiva/index.action', method='GET'}, {path='/index.action', method='GET'} }, matches= { {match='.*">Apache Archiva (.-)</a>', output='Apache Archiva version \\1'}, {match='Apache Archiva (%d-%..-)\n', output='Apache Archiva version \\1'}, {match='<title>Apache Archiva \\', output='Apache Archiva'} } }) table.insert(fingerprints, { category='general', probes={ {path='/login.stm', method='HEAD'} }, matches= { {match='', output='Belkin G Wireless Router'} } }) table.insert(fingerprints, { category='general', probes={ {path='/tools_admin.php', method='HEAD'} }, matches= { {match='', output='D-Link DIR-300'} } }) table.insert(fingerprints, { category='general', probes={ {path='/bsc_lan.php', method='HEAD'} }, matches= { {match='', output='D-Link DIR-300, DIR-320, DIR-615 revD'} } }) table.insert(fingerprints, { category='general', probes={ {path='/Manage.tri', method='HEAD'} }, matches= { {match='', output='Linksys WRT54G2'} } }) table.insert(fingerprints, { category='general', probes={ {path='/logo_t.gif', method='HEAD'} }, matches= { {match='IP_SHARER WEB', output='Arris 2307'} } }) table.insert(fingerprints, { category='general', probes={ {path='//system.html', method='HEAD'} }, matches= { {match='', output='CMNC-200 IP Camera'} } }) table.insert(fingerprints, { category='general', probes={ {path='/main_configure.cgi', method='HEAD'} }, matches= { {match='', output='Intellinet IP Camera'} } }) table.insert(fingerprints, { category='general', probes={ {path='/OvCgi/Toolbar.exe', method='HEAD'} }, matches= { {match='', output='HP OpenView Network Node Manager'} } }) table.insert(fingerprints, { category='general', probes={ {path='/frontend/x3/', method='HEAD'} }, matches= { {match='', output='CPanel'} } }) table.insert(fingerprints, { category='general', probes={ {path='/awstatstotals/awstatstotals.php', method='HEAD'}, {path='/awstats/awstatstotals.php', method='HEAD'}, {path='/awstatstotals.php', method='HEAD'}, {path='/awstats/index.php', method='HEAD'}, {path='/awstatstotals/index.php', method='HEAD'} }, matches= { {match='', output='AWStats Totals'} } }) table.insert(fingerprints, { category='general', probes={ {path='/egroupware/', method='HEAD'} }, matches= { {match='', output='eGroupware'} } }) table.insert(fingerprints, { category='general', probes={ {path='/calendar/cal_search.php', method='HEAD'}, {path='/cal_search.php', method='HEAD'} }, matches= { {match='', output='ExtCalendar'} } }) table.insert(fingerprints, { category='general', probes={ {path='/a_viewusers.php', method='HEAD'}, {path='/aphpkb/', method='HEAD'} }, matches= { {match='', output='Andys PHP Knowledgebase'} } }) table.insert(fingerprints, { category='general', probes={ {path='/webedition/we/include/we_modules/', method='HEAD'}, {path='/webedition/', method='HEAD'} }, matches= { {match='', output='Web Edition'} } }) table.insert(fingerprints, { category='general', probes={ {path='/Examples/', method='HEAD'} }, matches= { {match='', output='Possible documentation files'} } }) table.insert(fingerprints, { category='general', probes={ {path='/LightNEasy.php?do=login', method='HEAD'} }, matches= { {match='', output='LightNEasy'} } }) table.insert(fingerprints, { category='general', probes={ {path='/channel_detail.php', method='HEAD'} }, matches= { {match='', output='DzTube'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-bin/vcs', method='HEAD'} }, matches= { {match='', output='Mitel Audio and Web Conferencing (AWC)'} } }) table.insert(fingerprints, { category='general', probes={ {path='/ocsreports/', method='HEAD'} }, matches= { {match='', output='OCS Inventory'} } }) table.insert(fingerprints, { category='general', probes={ {path='/vbseo.php', method='HEAD'} }, matches= { {match='', output='vBSEO'} } }) table.insert(fingerprints, { category='general', probes={ {path='/forum/', method='HEAD'}, {path='/forums/', method='HEAD'}, {path='/smf/', method='HEAD'}, {path='/phpbb/', method='HEAD'} }, matches={ {output='Forum'} } }) table.insert(fingerprints, { category='general', probes={ {path='/manager/', method='HEAD'}, {path='/admin.php', method='HEAD'}, {path='/admin/', method='HEAD'}, {path='/admin/admin/', method='HEAD'}, {path='/administrator/', method='HEAD'}, {path='/moderator/', method='HEAD'}, {path='/webadmin/', method='HEAD'}, {path='/adminarea/', method='HEAD'}, {path='/bb-admin/', method='HEAD'}, {path='/adminLogin/', method='HEAD'}, {path='/admin_area/', method='HEAD'}, {path='/panel-administracion/', method='HEAD'}, {path='/instadmin/', method='HEAD'}, {path='/memberadmin/', method='HEAD'}, {path='/administratorlogin/', method='HEAD'}, {path='/adm/', method='HEAD'}, {path='/admin/account.php', method='HEAD'}, {path='/admin/index.php', method='HEAD'}, {path='/admin/login.php', method='HEAD'}, {path='/admin/admin.php', method='HEAD'}, {path='/joomla/administrator', method='HEAD'}, {path='/login.php', method='HEAD'}, {path='/admin_area/admin.php', method='HEAD'}, {path='/admin_area/login.php', method='HEAD'}, {path='/siteadmin/login.php', method='HEAD'}, {path='/siteadmin/index.php', method='HEAD'}, {path='/siteadmin/login.html', method='HEAD'}, {path='/admin/index.html', method='HEAD'}, {path='/admin/login.html', method='HEAD'}, {path='/admin/admin.html', method='HEAD'}, {path='/admin_area/index.php', method='HEAD'}, {path='/bb-admin/index.php', method='HEAD'}, {path='/bb-admin/login.php', method='HEAD'}, {path='/bb-admin/admin.php', method='HEAD'}, {path='/admin/home.php', method='HEAD'}, {path='/admin_area/login.html', method='HEAD'}, {path='/admin_area/index.html', method='HEAD'}, {path='/admin/controlpanel.php', method='HEAD'}, {path='/admincp/', method='HEAD'}, {path='/admincp/index.asp', method='HEAD'}, {path='/admincp/index.html', method='HEAD'}, {path='/admincp/login.php', method='HEAD'}, {path='/admin/account.html', method='HEAD'}, {path='/adminpanel.html', method='HEAD'}, {path='/webadmin.html', method='HEAD'}, {path='/webadmin/index.html', method='HEAD'}, {path='/webadmin/admin.html', method='HEAD'}, {path='/webadmin/login.html', method='HEAD'}, {path='/admin/admin_login.html', method='HEAD'}, {path='/admin_login.html', method='HEAD'}, {path='/panel-administracion/login.html', method='HEAD'}, {path='/admin/cp.php', method='HEAD'}, {path='/cp.php', method='HEAD'}, {path='/administrator/index.php', method='HEAD'}, {path='/administrator/login.php', method='HEAD'}, {path='/nsw/admin/login.php', method='HEAD'}, {path='/webadmin/login.php', method='HEAD'}, {path='/admin/admin_login.php', method='HEAD'}, {path='/admin_login.php', method='HEAD'}, {path='/administrator/account.php', method='HEAD'}, {path='/administrator.php', method='HEAD'}, {path='/admin_area/admin.html', method='HEAD'}, {path='/pages/admin/admin-login.php', method='HEAD'}, {path='/admin/admin-login.php', method='HEAD'}, {path='/admin-login.php', method='HEAD'}, {path='/bb-admin/index.html', method='HEAD'}, {path='/bb-admin/login.html', method='HEAD'}, {path='/bb-admin/admin.html', method='HEAD'}, {path='/admin/home.html', method='HEAD'}, {path='/modelsearch/login.php', method='HEAD'}, {path='/moderator.php', method='HEAD'}, {path='/moderator/login.php', method='HEAD'}, {path='/moderator/admin.php', method='HEAD'}, {path='/account.php', method='HEAD'}, {path='/pages/admin/admin-login.html', method='HEAD'}, {path='/admin/admin-login.html', method='HEAD'}, {path='/admin-login.html', method='HEAD'}, {path='/controlpanel.php', method='HEAD'}, {path='/admincontrol.php', method='HEAD'}, {path='/admin/adminLogin.html', method='HEAD'}, {path='/adminLogin.html', method='HEAD'}, {path='/home.html', method='HEAD'}, {path='/rcjakar/admin/login.php', method='HEAD'}, {path='/adminarea/index.html', method='HEAD'}, {path='/adminarea/admin.html', method='HEAD'}, {path='/webadmin.php', method='HEAD'}, {path='/webadmin/index.php', method='HEAD'}, {path='/webadmin/admin.php', method='HEAD'}, {path='/admin/controlpanel.html', method='HEAD'}, {path='/admin.html', method='HEAD'}, {path='/admin/cp.html', method='HEAD'}, {path='/cp.html', method='HEAD'}, {path='/adminpanel.php', method='HEAD'}, {path='/moderator.html', method='HEAD'}, {path='/administrator/index.html', method='HEAD'}, {path='/administrator/login.html', method='HEAD'}, {path='/user.html', method='HEAD'}, {path='/administrator/account.html', method='HEAD'}, {path='/administrator.html', method='HEAD'}, {path='/login.html', method='HEAD'}, {path='/modelsearch/login.html', method='HEAD'}, {path='/moderator/login.html', method='HEAD'}, {path='/adminarea/login.html', method='HEAD'}, {path='/panel-administracion/index.html', method='HEAD'}, {path='/panel-administracion/admin.html', method='HEAD'}, {path='/modelsearch/index.html', method='HEAD'}, {path='/modelsearch/admin.html', method='HEAD'}, {path='/admincontrol/login.html', method='HEAD'}, {path='/adm/index.html', method='HEAD'}, {path='/adm.html', method='HEAD'}, {path='/moderator/admin.html', method='HEAD'}, {path='/user.php', method='HEAD'}, {path='/account.html', method='HEAD'}, {path='/controlpanel.html', method='HEAD'}, {path='/admincontrol.html', method='HEAD'}, {path='/panel-administracion/login.php', method='HEAD'}, {path='/wp-login.php', method='HEAD'}, {path='/adminLogin.php', method='HEAD'}, {path='/admin/adminLogin.php', method='HEAD'}, {path='/adminarea/index.php', method='HEAD'}, {path='/adminarea/admin.php', method='HEAD'}, {path='/adminarea/login.php', method='HEAD'}, {path='/panel-administracion/index.php', method='HEAD'}, {path='/panel-administracion/admin.php', method='HEAD'}, {path='/modelsearch/index.php', method='HEAD'}, {path='/modelsearch/admin.php', method='HEAD'}, {path='/admincontrol/login.php', method='HEAD'}, {path='/adm/admloginuser.php', method='HEAD'}, {path='/admloginuser.php', method='HEAD'}, {path='/admin2.php', method='HEAD'}, {path='/admin2/login.php', method='HEAD'}, {path='/admin2/index.php', method='HEAD'}, {path='/adm/index.php', method='HEAD'}, {path='/adm.php', method='HEAD'}, {path='/affiliate.php', method='HEAD'}, {path='/adm_auth.php', method='HEAD'}, {path='/memberadmin.php', method='HEAD'}, {path='/administratorlogin.php', method='HEAD'}, {path='/account.cfm', method='HEAD'}, {path='/admin/account.cfm', method='HEAD'}, {path='/admin/index.cfm', method='HEAD'}, {path='/admin/login.cfm', method='HEAD'}, {path='/admin/admin.cfm', method='HEAD'}, {path='/admin.cfm', method='HEAD'}, {path='/admin/admin_login.cfm', method='HEAD'}, {path='/admin_login.cfm', method='HEAD'}, {path='/adminpanel.cfm', method='HEAD'}, {path='/admin/controlpanel.cfm', method='HEAD'}, {path='/admincontrol.cfm', method='HEAD'}, {path='/panel-administracion/login.cfm', method='HEAD'}, {path='/admin/cp.cfm', method='HEAD'}, {path='/pages/admin/admin-login.cfm', method='HEAD'}, {path='/admincp/index.cfm', method='HEAD'}, {path='/admincp/login.cfm', method='HEAD'}, {path='/admin_area/admin.cfm', method='HEAD'}, {path='/admin_area/login.cfm', method='HEAD'}, {path='/moderator/login.cfm', method='HEAD'}, {path='/administrator/login.cfm', method='HEAD'}, {path='/moderator.cfm', method='HEAD'}, {path='/modelsearch/index.cfm', method='HEAD'}, {path='/panel-administracion/admin.cfm', method='HEAD'}, {path='/adm/admloginuser.cfm', method='HEAD'}, {path='/adm.cfm', method='HEAD'}, {path='/adm_auth.cfm', method='HEAD'}, {path='/administratorlogin.cfm', method='HEAD'}, {path='/webadmin.cfm', method='HEAD'}, {path='/webadmin/index.cfm', method='HEAD'}, {path='/modelsearch/login.cfm', method='HEAD'}, {path='/login.cfm', method='HEAD'}, {path='/administrator.cfm', method='HEAD'}, {path='/administrator/account.cfm', method='HEAD'}, {path='/adminLogin.cfm', method='HEAD'}, {path='/siteadmin/login.cfm', method='HEAD'}, {path='/admin2/index.cfm', method='HEAD'}, {path='/adm/index.cfm', method='HEAD'}, {path='/admin_area/index.cfm', method='HEAD'}, {path='/bb-admin/index.cfm', method='HEAD'}, {path='/bb-admin/login.cfm', method='HEAD'}, {path='/bb-admin/admin.cfm', method='HEAD'}, {path='/siteadmin/index.cfm', method='HEAD'}, {path='/memberadmin.cfm', method='HEAD'}, {path='/admin2/login.cfm', method='HEAD'}, {path='/admloginuser.cfm', method='HEAD'}, {path='/admincontrol/login.cfm', method='HEAD'}, {path='/administrator/index.cfm', method='HEAD'}, {path='/modelsearch/admin.cfm', method='HEAD'}, {path='/panel-administracion/index.cfm', method='HEAD'}, {path='/adminarea/login.cfm', method='HEAD'}, {path='/adminarea/admin.cfm', method='HEAD'}, {path='/adminarea/index.cfm', method='HEAD'}, {path='/admin/adminLogin.cfm', method='HEAD'}, {path='/webadmin/login.cfm', method='HEAD'}, {path='/webadmin/admin.cfm', method='HEAD'}, {path='/user.cfm', method='HEAD'}, {path='/controlpanel.cfm', method='HEAD'}, {path='/moderator/admin.cfm', method='HEAD'}, {path='/cp.cfm', method='HEAD'}, {path='/admin-login.cfm', method='HEAD'}, {path='/admin/admin-login.cfm', method='HEAD'}, {path='/admin/home.cfm', method='HEAD'}, {path='/adm1n/', method='HEAD'}, {path='/4dm1n/', method='HEAD'}, {path='/account.asp', method='HEAD'}, {path='/admin/account.asp', method='HEAD'}, {path='/admin/index.asp', method='HEAD'}, {path='/admin/login.asp', method='HEAD'}, {path='/admin/admin.asp', method='HEAD'}, {path='/admin_area/admin.asp', method='HEAD'}, {path='/admin_area/login.asp', method='HEAD'}, {path='/admin_area/index.asp', method='HEAD'}, {path='/bb-admin/index.asp', method='HEAD'}, {path='/bb-admin/login.asp', method='HEAD'}, {path='/bb-admin/admin.asp', method='HEAD'}, {path='/admin/home.asp', method='HEAD'}, {path='/admin/controlpanel.asp', method='HEAD'}, {path='/admin.asp', method='HEAD'}, {path='/pages/admin/admin-login.asp', method='HEAD'}, {path='/admin/admin-login.asp', method='HEAD'}, {path='/admin-login.asp', method='HEAD'}, {path='/admin/cp.asp', method='HEAD'}, {path='/cp.asp', method='HEAD'}, {path='/administrator/account.asp', method='HEAD'}, {path='/administrator.asp', method='HEAD'}, {path='/login.asp', method='HEAD'}, {path='/modelsearch/login.asp', method='HEAD'}, {path='/moderator.asp', method='HEAD'}, {path='/moderator/login.asp', method='HEAD'}, {path='/administrator/login.asp', method='HEAD'}, {path='/moderator/admin.asp', method='HEAD'}, {path='/controlpanel.asp', method='HEAD'}, {path='/user.asp', method='HEAD'}, {path='/admincp/login.asp', method='HEAD'}, {path='/admincontrol.asp', method='HEAD'}, {path='/adminpanel.asp', method='HEAD'}, {path='/webadmin.asp', method='HEAD'}, {path='/webadmin/index.asp', method='HEAD'}, {path='/webadmin/admin.asp', method='HEAD'}, {path='/webadmin/login.asp', method='HEAD'}, {path='/admin/admin_login.asp', method='HEAD'}, {path='/admin_login.asp', method='HEAD'}, {path='/panel-administracion/login.asp', method='HEAD'}, {path='/adminLogin.asp', method='HEAD'}, {path='/admin/adminLogin.asp', method='HEAD'}, {path='/home.asp', method='HEAD'}, {path='/adminarea/index.asp', method='HEAD'}, {path='/adminarea/admin.asp', method='HEAD'}, {path='/adminarea/login.asp', method='HEAD'}, {path='/panel-administracion/index.asp', method='HEAD'}, {path='/panel-administracion/admin.asp', method='HEAD'}, {path='/modelsearch/index.asp', method='HEAD'}, {path='/modelsearch/admin.asp', method='HEAD'}, {path='/administrator/index.asp', method='HEAD'}, {path='/admincontrol/login.asp', method='HEAD'}, {path='/adm/admloginuser.asp', method='HEAD'}, {path='/admloginuser.asp', method='HEAD'}, {path='/admin2.asp', method='HEAD'}, {path='/admin2/login.asp', method='HEAD'}, {path='/admin2/index.asp', method='HEAD'}, {path='/adm/index.asp', method='HEAD'}, {path='/adm.asp', method='HEAD'}, {path='/adm_auth.asp', method='HEAD'}, {path='/memberadmin.asp', method='HEAD'}, {path='/administratorlogin.asp', method='HEAD'}, {path='/siteadmin/login.asp', method='HEAD'}, {path='/siteadmin/index.asp', method='HEAD'}, {path='/account.aspx', method='HEAD'}, {path='/admin/account.aspx', method='HEAD'}, {path='/admin/index.aspx', method='HEAD'}, {path='/admin/login.aspx', method='HEAD'}, {path='/admin/admin.aspx', method='HEAD'}, {path='/admin_area/admin.aspx', method='HEAD'}, {path='/admin_area/login.aspx', method='HEAD'}, {path='/admin_area/index.aspx', method='HEAD'}, {path='/bb-admin/index.aspx', method='HEAD'}, {path='/bb-admin/login.aspx', method='HEAD'}, {path='/bb-admin/admin.aspx', method='HEAD'}, {path='/admin/home.aspx', method='HEAD'}, {path='/admin/controlpanel.aspx', method='HEAD'}, {path='/admin.aspx', method='HEAD'}, {path='/pages/admin/admin-login.aspx', method='HEAD'}, {path='/admin/admin-login.aspx', method='HEAD'}, {path='/admin-login.aspx', method='HEAD'}, {path='/admin/cp.aspx', method='HEAD'}, {path='/cp.aspx', method='HEAD'}, {path='/administrator/account.aspx', method='HEAD'}, {path='/administrator.aspx', method='HEAD'}, {path='/login.aspx', method='HEAD'}, {path='/modelsearch/login.aspx', method='HEAD'}, {path='/moderator.aspx', method='HEAD'}, {path='/moderator/login.aspx', method='HEAD'}, {path='/administrator/login.aspx', method='HEAD'}, {path='/moderator/admin.aspx', method='HEAD'}, {path='/controlpanel.aspx', method='HEAD'}, {path='/user.aspx', method='HEAD'}, {path='/admincp/index.aspx', method='HEAD'}, {path='/admincp/login.aspx', method='HEAD'}, {path='/admincontrol.aspx', method='HEAD'}, {path='/adminpanel.aspx', method='HEAD'}, {path='/webadmin.aspx', method='HEAD'}, {path='/webadmin/index.aspx', method='HEAD'}, {path='/webadmin/admin.aspx', method='HEAD'}, {path='/webadmin/login.aspx', method='HEAD'}, {path='/admin/admin_login.aspx', method='HEAD'}, {path='/admin_login.aspx', method='HEAD'}, {path='/panel-administracion/login.aspx', method='HEAD'}, {path='/adminLogin.aspx', method='HEAD'}, {path='/admin/adminLogin.aspx', method='HEAD'}, {path='/home.aspx', method='HEAD'}, {path='/adminarea/index.aspx', method='HEAD'}, {path='/adminarea/admin.aspx', method='HEAD'}, {path='/adminarea/login.aspx', method='HEAD'}, {path='/panel-administracion/index.aspx', method='HEAD'}, {path='/panel-administracion/admin.aspx', method='HEAD'}, {path='/modelsearch/index.aspx', method='HEAD'}, {path='/modelsearch/admin.aspx', method='HEAD'}, {path='/administrator/index.aspx', method='HEAD'}, {path='/admincontrol/login.aspx', method='HEAD'}, {path='/adm/admloginuser.aspx', method='HEAD'}, {path='/admloginuser.aspx', method='HEAD'}, {path='/admin2.aspx', method='HEAD'}, {path='/admin2/login.aspx', method='HEAD'}, {path='/admin2/index.aspx', method='HEAD'}, {path='/adm/index.aspx', method='HEAD'}, {path='/adm.aspx', method='HEAD'}, {path='/adm_auth.aspx', method='HEAD'}, {path='/memberadmin.aspx', method='HEAD'}, {path='/administratorlogin.aspx', method='HEAD'}, {path='/siteadmin/login.aspx', method='HEAD'}, {path='/siteadmin/index.aspx', method='HEAD'}, {path='/account.jsp', method='HEAD'}, {path='/admin/index.jsp', method='HEAD'}, {path='/admin/login.jsp', method='HEAD'}, {path='/admin/admin.jsp', method='HEAD'}, {path='/admin_area/admin.jsp', method='HEAD'}, {path='/admin_area/login.jsp', method='HEAD'}, {path='/admin_area/index.jsp', method='HEAD'}, {path='/bb-admin/index.jsp', method='HEAD'}, {path='/bb-admin/login.jsp', method='HEAD'}, {path='/bb-admin/admin.jsp', method='HEAD'}, {path='/admin/home.jsp', method='HEAD'}, {path='/admin/controlpanel.jsp', method='HEAD'}, {path='/admin.jsp', method='HEAD'}, {path='/pages/admin/admin-login.jsp', method='HEAD'}, {path='/admin/admin-login.jsp', method='HEAD'}, {path='/admin-login.jsp', method='HEAD'}, {path='/admin/cp.jsp', method='HEAD'}, {path='/cp.jsp', method='HEAD'}, {path='/administrator/account.jsp', method='HEAD'}, {path='/administrator.jsp', method='HEAD'}, {path='/login.jsp', method='HEAD'}, {path='/modelsearch/login.jsp', method='HEAD'}, {path='/moderator.jsp', method='HEAD'}, {path='/moderator/login.jsp', method='HEAD'}, {path='/administrator/login.jsp', method='HEAD'}, {path='/moderator/admin.jsp', method='HEAD'}, {path='/controlpanel.jsp', method='HEAD'}, {path='/user.jsp', method='HEAD'}, {path='/admincp/index.jsp', method='HEAD'}, {path='/admincp/login.jsp', method='HEAD'}, {path='/admincontrol.jsp', method='HEAD'}, {path='/admin/account.jsp', method='HEAD'}, {path='/adminpanel.jsp', method='HEAD'}, {path='/webadmin.jsp', method='HEAD'}, {path='/webadmin/index.jsp', method='HEAD'}, {path='/webadmin/admin.jsp', method='HEAD'}, {path='/webadmin/login.jsp', method='HEAD'}, {path='/admin/admin_login.jsp', method='HEAD'}, {path='/admin_login.jsp', method='HEAD'}, {path='/panel-administracion/login.jsp', method='HEAD'}, {path='/adminLogin.jsp', method='HEAD'}, {path='/admin/adminLogin.jsp', method='HEAD'}, {path='/home.jsp', method='HEAD'}, {path='/adminarea/index.jsp', method='HEAD'}, {path='/adminarea/admin.jsp', method='HEAD'}, {path='/adminarea/login.jsp', method='HEAD'}, {path='/panel-administracion/index.jsp', method='HEAD'}, {path='/panel-administracion/admin.jsp', method='HEAD'}, {path='/modelsearch/index.jsp', method='HEAD'}, {path='/modelsearch/admin.jsp', method='HEAD'}, {path='/administrator/index.jsp', method='HEAD'}, {path='/admincontrol/login.jsp', method='HEAD'}, {path='/adm/admloginuser.jsp', method='HEAD'}, {path='/admloginuser.jsp', method='HEAD'}, {path='/admin2.jsp', method='HEAD'}, {path='/admin2/login.jsp', method='HEAD'}, {path='/admin2/index.jsp', method='HEAD'}, {path='/adm/index.jsp', method='HEAD'}, {path='/adm.jsp', method='HEAD'}, {path='/adm_auth.jsp', method='HEAD'}, {path='/memberadmin.jsp', method='HEAD'}, {path='/administratorlogin.jsp', method='HEAD'}, {path='/siteadmin/login.jsp', method='HEAD'}, {path='/siteadmin/index.jsp', method='HEAD'}, {path='/admin1.php', method='HEAD'}, {path='/administr8.asp', method='HEAD'}, {path='/administr8.php', method='HEAD'}, {path='/administr8.jsp', method='HEAD'}, {path='/administr8.aspx', method='HEAD'}, {path='/administr8.cfm', method='HEAD'}, {path='/administr8/', method='HEAD'}, {path='/administer/', method='HEAD'}, {path='/administracao.php', method='HEAD'}, {path='/administracao.asp', method='HEAD'}, {path='/administracao.aspx', method='HEAD'}, {path='/administracao.cfm', method='HEAD'}, {path='/administracao.jsp', method='HEAD'}, {path='/administracion.php', method='HEAD'}, {path='/administracion.asp', method='HEAD'}, {path='/administracion.aspx', method='HEAD'}, {path='/administracion.jsp', method='HEAD'}, {path='/administracion.cfm', method='HEAD'}, {path='/administrators/', method='HEAD'}, {path='/adminpro/', method='HEAD'}, {path='/admins/', method='HEAD'}, {path='/admins.cfm', method='HEAD'}, {path='/admins.php', method='HEAD'}, {path='/admins.jsp', method='HEAD'}, {path='/admins.asp', method='HEAD'}, {path='/admins.aspx', method='HEAD'}, {path='/maintenance/', method='HEAD'}, {path='/Lotus_Domino_Admin/', method='HEAD'}, {path='/hpwebjetadmin/', method='HEAD'}, {path='/_admin/', method='HEAD'}, {path='/_administrator/', method='HEAD'}, {path='/_administrador/', method='HEAD'}, {path='/_admins/', method='HEAD'}, {path='/_administrators/', method='HEAD'}, {path='/_administradores/', method='HEAD'}, {path='/_administracion/', method='HEAD'}, {path='/_4dm1n/', method='HEAD'}, {path='/_adm1n/', method='HEAD'}, {path='/_Admin/', method='HEAD'}, {path='/system_administration/', method='HEAD'}, {path='/system-administration/', method='HEAD'}, {path='/system-admin/', method='HEAD'}, {path='/system-admins/', method='HEAD'}, {path='/system-administrators/', method='HEAD'}, {path='/administracion-sistema/', method='HEAD'}, {path='/Administracion/', method='HEAD'}, {path='/Admin/', method='HEAD'}, {path='/Administrator/', method='HEAD'}, {path='/Manager/', method='HEAD'}, {path='/Adm/', method='HEAD'}, {path='/systemadmin/', method='HEAD'}, {path='/AdminLogin.asp', method='HEAD'}, {path='/AdminLogin.php', method='HEAD'}, {path='/AdminLogin.jsp', method='HEAD'}, {path='/AdminLogin.aspx', method='HEAD'}, {path='/AdminLogin.cfm', method='HEAD'}, {path='/admin108/', method='HEAD'}, {path='/pec_admin/', method='HEAD'}, {path='/system/admin/', method='HEAD'}, {path='/plog-admin/', method='HEAD'}, {path='/ESAdmin/', method='HEAD'}, {path='/axis2-admin/', method='HEAD'}, {path='/_sys/', method='HEAD'}, {path='/admin_cp.asp', method='HEAD'} }, matches={ {match='<title>Index of', output='Possible admin folder w/ directory listing'}, {output='Possible admin folder'} } }) table.insert(fingerprints, { category='general', probes={ {path='/backup/', method='GET'}, {path='/backup', method='GET'}, {path='/backup.sql', method='GET'}, {path='/backup.sql.gz', method='GET'}, {path='/backup.sql.bz2', method='GET'}, {path='/backup.zip', method='GET'}, {path='/backups/', method='GET'}, {path='/bak/', method='GET'}, {path='/back/', method='GET'}, {path='/cache/backup/', method='GET'}, {path='/admin/backup/', method='GET'}, {path='/dbbackup.txt', method='GET'} }, matches={ {match='<title>Index of', output='Backup folder w/ directory listing'}, {match='', output='Possible backup'} } }) table.insert(fingerprints, { category='general', probes={ {path='/b.sql', method='HEAD'}, {path='/db.sql', method='HEAD'}, {path='/ddb.sql', method='HEAD'}, {path='/users.sql', method='HEAD'}, {path='/database.sql', method='HEAD'}, {path='/mysql.sql', method='HEAD'}, {path='/dump.sql', method='HEAD'}, {path='/respaldo.sql', method='HEAD'}, {path='/data.sql', method='HEAD'}, {path='/old.sql', method='HEAD'}, {path='/usuarios.sql', method='HEAD'}, {path='/bdb.sql', method='HEAD'}, {path='/1.sql', method='HEAD'}, {path='/admin/download/backup.sql', method='HEAD'} }, matches={ {match='', output='Possible database backup'} } }) table.insert(fingerprints, { category='general', probes={ {path='/clientaccesspolicy.xml', method='HEAD'}, }, matches= { {output='Microsoft Silverlight crossdomain policy'} } }) table.insert(fingerprints, { category='general', probes={ {path='/atom/', method='HEAD'}, {path='/atom.aspx', method='HEAD'}, {path='/atom.php', method='HEAD'}, {path='/atom.xml', method='HEAD'}, {path='/atom.jsp', method='HEAD'}, {path='/rss/', method='HEAD'}, {path='/rss.aspx', method='HEAD'}, {path='/rss.php', method='HEAD'}, {path='/rss.xml', method='HEAD'}, {path='/rss.jsp', method='HEAD'} }, matches={ {output='RSS or Atom feed'} } }) table.insert(fingerprints, { category='general', probes={ {path='/etc/passwd', method='GET'}, {path='/boot.ini', method='GET'} }, matches={ {match='root:', output='Webroot appears to be in / (Linux)'}, {match='boot loader', output='Webroot appears to be in c:\\ (Windows)'}, {match='', output='Webroot might be in root folder'} } }) table.insert(fingerprints, { category='general', probes={ {path='/example/', method='GET'}, {path='/examples/', method='GET'}, {path='/iissamples/', method='GET'}, {path='/j2eeexamples/', method='GET'}, {path='/j2eeexamplesjsp/', method='GET'}, {path='/sample/', method='GET'}, {path='/ncsample/', method='GET'}, {path='/fpsample/', method='GET'}, {path='/cmsample/', method='GET'}, {path='/samples/', method='GET'}, {path='/mono/1.1/index.aspx', method='GET'} }, matches= { {match='<title>Index of .*(Apache.*) Server at', output='Sample scripts w/ listing on \'\\1\''}, {match='<title>Index of', output='Sample scripts w/ directory listing'}, {match='', output='Sample scripts'} } }) table.insert(fingerprints, { category='general', probes={ {path='/login/', method='HEAD'}, {path='/login.htm', method='HEAD'}, {path='/login.jsp', method='HEAD'} }, matches= { {match='', output='Login page'} } }) table.insert(fingerprints, { category='general', probes={ {path='/test.asp', method='HEAD'}, {path='/test.class', method='HEAD'}, {path='/test/', method='HEAD'}, {path='/test.htm', method='HEAD'}, {path='/test.html', method='HEAD'}, {path='/test.php', method='HEAD'}, {path='/test.txt', method='HEAD'} }, matches= { {match='', output='Test page'} } }) table.insert(fingerprints, { category='general', probes={ {path='/webmail/', method='HEAD'}, {path='/mail/', method='HEAD'} }, matches= { {match='', output='Mail folder'} } }) table.insert(fingerprints, { category='general', probes={ {path='/log/', method='HEAD'}, {path='/log.htm', method='HEAD'}, {path='/log.php', method='HEAD'}, {path='/log.asp', method='HEAD'}, {path='/log.aspx', method='HEAD'}, {path='/log.jsp', method='HEAD'}, {path='/logs/', method='HEAD'}, {path='/logs.htm', method='HEAD'}, {path='/logs.php', method='HEAD'}, {path='/logs.asp', method='HEAD'}, {path='/logs.aspx', method='HEAD'}, {path='/logs.jsp', method='HEAD'}, {path='/wwwlog/', method='HEAD'}, {path='/wwwlogs/', method='HEAD'}, {path='/mail_log_files/', method='HEAD'} }, matches= { {match='', output='Logs'} } }) table.insert(fingerprints, { category='general', probes={ {path='/images/rails.png', method='HEAD'}, }, matches= { {match='', output='Ruby on Rails'} } }) table.insert(fingerprints, { category='general', probes={ {path='/mono/', method='HEAD'}, }, matches= { {match='', output='Mono'} } }) table.insert(fingerprints, { category='general', probes={ {path='/robots.txt', method='HEAD'}, }, matches= { {match='', output='Robots file'} } }) table.insert(fingerprints, { category='general', probes={ {path='/crossdomain.xml', method='HEAD'}, }, matches= { {output='Adobe Flash crossdomain policy'} } }) table.insert(fingerprints, { category='general', probes={ {path='/css/cake.generic.css', method='HEAD'}, {path='/img/cake.icon.gif', method='HEAD'}, {path='/img/cake.icon.png', method='HEAD'}, {path='/js/vendors.php', method='HEAD'} }, matches= { {match='', output='CakePHP application'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-bin/ffileman.cgi?', method='HEAD'} }, matches= { {match='', output='Ffileman Web File Manager'} } }) table.insert(fingerprints, { category='general', probes={ {path='/fshow.php', method='HEAD'} }, matches= { {match='', output='Horizon Web App'} } }) table.insert(fingerprints, { category='general', probes={ {path='/admin/upload.php', method='HEAD'} }, matches= { {match='', output='Admin File Upload'} } }) table.insert(fingerprints, { category='general', probes={ {path='/upload_multiple_js.php', method='HEAD'} }, matches= { {match='', output='NAS Uploader'} } }) table.insert(fingerprints, { category='general', probes={ {path='/uploadtester.asp', method='HEAD'} }, matches= { {match='', output='Free ASP Upload Shell'} } }) table.insert(fingerprints, { category='general', probes={ {path='/info.php', method='HEAD'}, {path='/phpinfo.php', method='HEAD'} }, matches= { {match='', output='Possible information file'} } }) table.insert(fingerprints, { category='general', probes={ {path='/kusabax/manage_page.php', method='HEAD'} }, matches= { {match='', output='Kusabax Image Board'} } }) table.insert(fingerprints, { category='general', probes={ {path='/plus/lurking.php', method='HEAD'} }, matches= { {match='', output='phpMyChat Plus'} } }) table.insert(fingerprints, { category='general', probes={ {path='/adm/barra/assetmanager/assetmanager.php', method='HEAD'} }, matches= { {match='', output='360 Web Manager'} } }) table.insert(fingerprints, { category='general', probes={ {path='/eyeos/', method='HEAD'} }, matches= { {match='', output='Possible eyeOS installation'} } }) table.insert(fingerprints, { category='general', probes={ {path='/NETWARE.HTM', method='HEAD'} }, matches= { {match='', output='Planet FPS-1101'} } }) table.insert(fingerprints, { category='general', probes={ {path='/setup.cgi', method='HEAD'} }, matches= { {match='', output='Linksys Cisco Wag120n or similar'} } }) table.insert(fingerprints, { category='general', probes={ {path='/debug.cgi', method='HEAD'} }, matches= { {match='', output='Linksys WRT54G'} } }) table.insert(fingerprints, { category='general', probes={ {path='/ehcp/?op=applyforftpaccount', method='HEAD'}, {path='/ehcp/?op=applyforaccount', method='HEAD'}, {path='/ehcp/?op=applyfordomainaccount', method='HEAD'}, {path='/vhosts/ehcp/?op=applyforftpaccount', method='HEAD'}, {path='/vhosts/ehcp/?op=applyforaccount', method='HEAD'}, {path='/vhosts/ehcp/?op=applyfordomainaccount', method='HEAD'}, }, matches= { {match='', output='Easy Hosting Control Panel'} } }) table.insert(fingerprints, { category='general', probes={ {path='/tools_admin.cgi?', method='HEAD'} }, matches= { {match='', output='D-Link WBR-1310'} } }) table.insert(fingerprints, { category='general', probes={ {path='/level/15', method='HEAD'}, {path='/exec/show/log/CR', method='HEAD'}, {path='/level/15/exec/-/configure/http', method='HEAD'}, {path='/level/15/exec/-', method='HEAD'} }, matches= { {match='cisco-IOS', output='Cisco 2811'} } }) table.insert(fingerprints, { category='general', probes={ {path='/login_img.jpg', method='HEAD'} }, matches= { {match='RapidLogic', output='AIRAYA WirelessGRID'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cirronetlogo.gif', method='HEAD'} }, matches= { {match='Cirronet Wavebolt-AP', output='Cirronet Wavebolt'} } }) table.insert(fingerprints, { category='general', probes={ {path='/browserId/wizardForm.jhtml', method='HEAD'}, {path='/webline/html/forms/callback.jhtml', method='HEAD'}, {path='/webline/html/forms/callbackICM.jhtml', method='HEAD'}, {path='/webline/html/agent/AgentFrame.jhtml', method='HEAD'}, {path='/webline/html/agent/default/badlogin.jhtml', method='HEAD'}, {path='/callme/callForm.jhtml', method='HEAD'}, {path='/webline/html/multichatui/nowDefunctWindow.jhtml', method='HEAD'}, {path='/browserId/wizard.jhtml', method='HEAD'}, {path='/admin/CiscoAdmin.jhtml', method='HEAD'}, {path='/msccallme/mscCallForm.jhtml', method='HEAD'}, {path='/webline/html/admin/wcs/LoginPage.jhtml', method='HEAD'} }, matches= { {match='', output='Cisco Collaboration Server'} } }) table.insert(fingerprints, { category='general', probes={ {path='/restoreinfo.cgi', method='HEAD'} }, matches= { {match='', output='Sagem router'} } }) table.insert(fingerprints, { category='general', probes={ {path='/confirminvite.php', method='HEAD'} }, matches= { {match='', output='phpMyBitTorrent'} } }) table.insert(fingerprints, { category='general', probes={ {path='/sourcebans/', method='HEAD'} }, matches= { {match='', output='SourceBans - Steam server application'} } }) table.insert(fingerprints, { category='general', probes={ {path='/swfupload/index.php', method='HEAD'} }, matches= { {match='', output='SWFUpload'} } }) table.insert(fingerprints, { category='general', probes={ {path='/mymarket/shopping/index.php', method='HEAD'} }, matches= { {match='', output='MyMarket'} } }) table.insert(fingerprints, { category='general', probes={ {path='/myshop_start.php', method='HEAD'} }, matches= { {match='', output='FozzCom shopping'} } }) table.insert(fingerprints, { category='general', probes={ {path='/piranha/secure/passwd.php3', method='HEAD'} }, matches= { {match='', output='RedHat Piranha Virtual Server'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-bin/ck/mimencode', method='HEAD'} }, matches= { {match='', output='ContentKeeper Web Appliance'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-bin/masterCGI?', method='HEAD'} }, matches= { {match='', output='Alcatel-Lucent OmniPCX Enterprise'} } }) table.insert(fingerprints, { category='general', probes={ {path='/tiny_mce/plugins/filemanager/', method='HEAD'} }, matches= { {match='', output='Tiny MCE File Upload'} } }) table.insert(fingerprints, { category='general', probes={ {path='/upload/scp/ajax.php', method='HEAD'} }, matches= { {match='', output='osTicket / AJAX File Upload'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-mod/view_help.cgi', method='HEAD'} }, matches= { {match='', output='Barracuda Networks Spam & Virus Firewall'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-mod/index.cgi', method='HEAD'} }, matches= { {match='', output='Barracuda Web Application Firewall'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-mod/smtp_test.cgi', method='HEAD'} }, matches= { {match='', output='Barracuda IM Firewall'} } }) table.insert(fingerprints, { category='general', probes={ {path='/TopToolArea.html', method='HEAD'}, {path='/switchSystem.html', method='HEAD'} }, matches= { {match='', output='Alteon OS BBI (Nortell)'} } }) table.insert(fingerprints, { category='general', probes={ {path='/intruvert/jsp/module/Login.jsp', method='HEAD'} }, matches= { {match='', output='McAfee Network Security Manager'} } }) table.insert(fingerprints, { category='general', probes={ {path='/ajaxfilemanager/', method='HEAD'} }, matches= { {match='', output='AJAX File Manager'} } }) table.insert(fingerprints, { category='general', probes={ {path='/upload/data/settings.cdb', method='HEAD'} }, matches= { {match='', output='CF Image Hosting DB'} } }) table.insert(fingerprints, { category='general', probes={ {path='/fm.php', method='HEAD'} }, matches= { {match='', output='Simple File Manager'} } }) table.insert(fingerprints, { category='general', probes={ {path='/nagios3/cgi-bin/statuswml.cgi', method='HEAD'}, {path='/nagios3/', method='HEAD'} }, matches= { {match='', output='Nagios3'} } }) table.insert(fingerprints, { category='general', probes={ {path='/test/logon.html', method='HEAD'} }, matches= { {match='', output='Jetty'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cal_cat.php', method='HEAD'}, {path='/calendar/cal_cat.php', method='HEAD'}, {path='/cal/cal_cat.php', method='HEAD'} }, matches= { {match='', output='Calendarix'} } }) table.insert(fingerprints, { category='general', probes={ {path='/private/sdc.tgz', method='HEAD'} }, matches= { {match='', output='IBM Bladecenter Management Logs'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cacti/', method='HEAD'} }, matches= { {match='', output='Cacti Web Monitoring'} } }) table.insert(fingerprints, { category='general', probes={ {path='/cgi-bin/awstats.pl', method='HEAD'} }, matches= { {match='', output='AWStats'} } }) table.insert(fingerprints, { category='general', probes={ {path='/wiki/rankings.php', method='HEAD'} }, matches= { {match='', output='Bit Weaver'} } }) table.insert(fingerprints, { category='general', probes={ {path='/reqdetails.php', method='HEAD'} }, matches= { {match='', output='BtiTracker'} } }) table.insert(fingerprints, { category='general', probes={ {path='/shared/help.php', method='HEAD'} }, matches= { {match='', output='OpenBiblio/WebBiblio Subject Gateway System'} } }) table.insert(fingerprints, { category='general', probes={ {path='/seti.php', method='HEAD'} }, matches= { {match='', output='PHP SETI@home'} } }) table.insert(fingerprints, { category='general', probes={ {path='/imc/', method='HEAD'}, {path='/imcws/', method='HEAD'} }, matches= { {match='', output='3Com Intelligent Management Center'} } }) table.insert(fingerprints, { category='general', probes={ {path='/partymgr/', method='HEAD'} }, matches= { {match='', output='Apache OFBiz'} } }) table.insert(fingerprints, { category='general', probes={ {path='/Base/upload.php', method='HEAD'}, {path='/Base/example_1.php', method='HEAD'} }, matches= { {match='', output='MassMirror Uploader'} } }) table.insert(fingerprints, { category='general', probes={ {path='/YUI-upload/html', method='HEAD'} }, matches= { {match='', output='YUI Images / File Upload'} } }) table.insert(fingerprints, { category='general', probes={ {path='/tools/filemanager/skins/mobile/admin1.template.php', method='HEAD'} }, matches= { {match='', output='ispCP Omega'} } }) table.insert(fingerprints, { category='general', probes={ {path='/Uploadify/', method='HEAD'} }, matches= { {match='', output='Uploadify'} } }) table.insert(fingerprints, { category='general', probes={ {path='/syssite/', method='HEAD'} }, matches= { {match='', output='ShopEx'} } }) table.insert(fingerprints, { category='general', probes={ {path='/updown.php', method='HEAD'} }, matches= { {match='', output='PHP Uploader Downloader'} } }) table.insert(fingerprints, { category='general', probes={ {path='/modules/docmanager/doctypetemplates/myuploadedfile', method='HEAD'} }, matches= { {match='', output='Achievo'} } }) table.insert(fingerprints, { category='general', probes={ {path='/ReqWebHelp/advanced/workingSet.jsp', method='HEAD'} }, matches= { {match='', output='IBM Rational RequisitePro/ReqWebHelp'} } }) table.insert(fingerprints, { category='general', probes={ {path='/dhost/', method='HEAD'} }, matches= { {match='', output='Novell eDirectory'} } }) table.insert(fingerprints, { category='general', probes={ {path='/engine/api/api.class.php', method='HEAD'} }, matches= { {match='', output='DatalifeEngine'} } }) table.insert(fingerprints, { category='general', probes={ {path='/jsft_resource.jsf', method='HEAD'}, {path='/scales_static_resource.jsf', method='HEAD'} }, matches= { {match='', output='JSFTemplating/Mojarra Scales/GlassFish Application Server'} } }) table.insert(fingerprints, { category='general', probes={ {path='/setup/password_required.html', method='HEAD'} }, matches= { {match='', output='2WIRE GATEWAY'} } }) table.insert(fingerprints, { category='general', probes={ {path='/zp-core/', method='HEAD'} }, matches= { {match='', output='Zen Photo'} } }) table.insert(fingerprints, { category='general', probes={ {path='/amember/', method='HEAD'} }, matches= { {match='', output='aMember'} } }) table.insert(fingerprints, { category='general', probes={ {path='/.hgignore', method='HEAD'}, {path='/.gitignore', method='HEAD'}, {path='/.bzrignore', method='HEAD'} }, matches= { {match='', output='Revision control ignore file'} } }) ------------------------------------------------ ---- SECURITY SOFTWARE ---- ------------------------------------------------ -- These checks will find specific installed software. If possible, it will also -- find versions, etc. table.insert(fingerprints, { category='security', probes={ {path='/arcsight/', method='HEAD'}, {path='/arcsight/images/logo-login-arcsight.gif', method='HEAD'}, {path='/arcsight/images/navbar-icon-logout-on.gif', method='HEAD'}, {path='/images/logo-arcsight.gif', method='HEAD'}, {path='/logger/monitor.ftl', method='HEAD'}, }, matches={ {output='Arcsight'} } }) table.insert(fingerprints, { category='security', probes={ {path='/beef/', method='HEAD'}, {path='/BEEF/', method='HEAD'}, {path='/beef/images/beef.gif', method='HEAD'} }, matches={ {output='BeEF Browser Exploitation Framework'} } }) table.insert(fingerprints, { category='security', probes={ {path='/gfx/form_top_left_corner.gif', method='HEAD'}, {path='/gfx/logout_24.png', method='HEAD'}, {path='/gfx/new_logo.gif', method='HEAD'}, {path='/javascript/sorttable.js', method='HEAD'} }, matches= { {match='', output='Secunia NSI'} } }) table.insert(fingerprints, { category='security', probes={ {path='/images/btn_help_nml.gif', method='HEAD'}, {path='/images/hdr_icon_homeG.gif', method='HEAD'}, {path='/spControl.php', method='HEAD'}, {path='/images/isslogo.gif', method='HEAD'}, {path='/deploymentmanager/', method='HEAD'}, }, matches= { {match='', output='IBM Proventia'} } }) table.insert(fingerprints, { category='security', probes={ {path='/i18n/EN/css/foundstone.css', method='HEAD'}, {path='/i18n/EN/images/external_nav_square.gif', method='HEAD'}, }, matches= { {match='', output='Foundstone'} } }) table.insert(fingerprints, { category='security', probes={ {path='/officescan/console/html/cgi/cgiChkMasterPwd.exe', method='HEAD'}, {path='/officescan/console/html/ClientInstall/officescannt.htm', method='HEAD'}, {path='/officescan/console/html/images/icon_refresh.gif', method='HEAD'}, }, matches= { {match='', output='Trend Micro OfficeScan Server'} } }) table.insert(fingerprints, { category='security', probes={ {path='/picts/BC_bwlogorev.gif', method='HEAD'}, {path='/picts/menu_leaf.gif', method='HEAD'}, }, matches= { {match='', output='BlueCoat Reporter'} } }) table.insert(fingerprints, { category='security', probes={ {path='/theme/images/en/login1.gif', method='HEAD'}, }, matches={ {match='', output='Fortinet VPN/Firewall'} } }) table.insert(fingerprints, { category='security', probes={ {path='/', method='GET'}, }, matches={ {match='id="NessusClient"', output='Nessus'}, {match='NessusClient.swf', output='Nessus'} } }) table.insert(fingerprints, { category='security', probes={ {path='/NessusClient.swf', method='HEAD'}, }, matches={ {match='', output='Nessus'} } }) table.insert(fingerprints, { category='security', probes={ {path='/dotDefender/', method='HEAD'}, }, matches={ {match='', output='dotDefender Web Application Firewall'} } }) ------------------------------------------------ ---- MANAGEMENT SOFTWARE ---- ------------------------------------------------ table.insert(fingerprints, { category='management', probes={ {path='/vmware/', method='HEAD'}, {path='/vmware/imx/vmware_boxes-16x16.png', method='HEAD'}, {path='/ui/', method='HEAD'}, {path='/ui/imx/vmwareLogo-16x16.png', method='HEAD'}, {path='/ui/imx/vmwarePaperBagLogo-16x16.png', method='HEAD'}, {path='/ui/vManage.do', method='HEAD'}, {path='/client/VMware-viclient.exe', method='HEAD'}, {path='/en/welcomeRes.js', method='HEAD'} }, matches={ {output='VMWare'} } }) table.insert(fingerprints, { category='management', probes={ {path='/citrix/', method='HEAD'}, {path='/Citrix/', method='HEAD'}, {path='/Citrix/MetaFrame/auth/login.aspx', method='HEAD'}, {path='/images/ctxHeader01.jpg', method='HEAD'}, {path='/images/Safeword_Token.jpg', method='HEAD'}, {path='/sw/auth/login.aspx', method='HEAD'}, {path='/vpn/images/AccessGateway.ico', method='HEAD'}, {path='/citrix/AccessPlatform/auth/clientscripts/', method='HEAD'}, {path='/AccessPlatform/auth/clientscripts/', method='HEAD'}, {path='/Citrix//AccessPlatform/auth/clientscripts/cookies.js', method='HEAD'}, {path='/Citrix/AccessPlatform/auth/clientscripts/login.js', method='HEAD'}, {path='/Citrix/PNAgent/config.xml', method='HEAD'}, }, matches={ {output='Citrix'} } }) table.insert(fingerprints, { category='management', probes={ {path='/cgi-bin/image/shikaku2.png', method='HEAD'}, }, matches= { {match='', output='TeraStation PRO RAID 0/1/5 Network Attached Storage'} } }) table.insert(fingerprints, { category='management', probes={ {path='/config/public/usergrp.gif', method='HEAD'}, {path='/pictures/buttons/file_view_mark.gif', method='HEAD'}, }, matches= { {match='', output='AXIS StorPoint'} } }) table.insert(fingerprints, { category='management', probes={ {path='/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=', method='HEAD'}, {path='/hplogo.gif', method='HEAD'}, }, matches= { {match='', output='HP System Management Homepage'} } }) table.insert(fingerprints, { category='management', probes={ {path='/ie_index.htm', method='HEAD'}, {path='/ilo.gif', method='HEAD'}, }, matches= { {match='', output='HP Integrated Lights Out'} } }) table.insert(fingerprints, { category='management', probes={ {path='/images/icon_server_connected.gif', method='HEAD'}, }, matches= { {match='', output='HP Blade Enclosure'} } }) table.insert(fingerprints, { category='management', probes={ {path='/mxhtml/images/signin_logo.gif', method='HEAD'}, {path='/mxhtml/images/status_critical_15.gif', method='HEAD'}, {path='/mxportal/home/en_US/servicetools.gif', method='HEAD'}, {path='/mxportal/home/MxPortalFrames.jsp', method='HEAD'}, }, matches= { {match='', output='HP Insight Manager'} } }) table.insert(fingerprints, { category='management', probes={ {path='/xymon/menu/menu.css', method='HEAD'}, }, matches= { {match='', output='Xymon'} } }) table.insert(fingerprints, { category='management', probes={ {path='/rrc.htm', method='HEAD'}, }, matches= { {match='', output='Raritan Remote Client'} } }) table.insert(fingerprints, { category='management', probes={ {path='/manager/html/upload', method='HEAD'}, {path='/manager/html', method='HEAD'} }, matches= { {match='', output='Apache Tomcat'} } }) table.insert(fingerprints, { category='general', probes={ {path='/axis2/axis2-web/HappyAxis.jsp', method='HEAD'}, {path='/axis2/', method='HEAD'}, {path='/happyaxis.jsp', method='HEAD'} }, matches= { {match='', output='Apache Axis2'} } }) table.insert(fingerprints, { category='management', probes={ {path='/web-console/ServerInfo.jsp', method='HEAD'}, {path='/web-console/Invoker', method='HEAD'}, {path='/invoker/', method='HEAD'}, {path='/jmx-console/', method='HEAD'}, {path='/admin-console/', method='HEAD'} }, matches= { {match='', output='JBoss Console'} } }) table.insert(fingerprints, { category='management', probes={ {path='/CFIDE/administrator/enter.cfm', method='HEAD'}, {path='/CFIDE/administrator/entman/index.cfm', method='HEAD'}, {path='/cfide/install.cfm', method='HEAD'}, {path='/CFIDE/administrator/archives/index.cfm', method='HEAD'}, {path='/CFIDE/wizards/common/_logintowizard.cfm', method='HEAD'}, {path='/CFIDE/componentutils/login.cfm', method='HEAD'}, {path='/CFIDE/Administrator/startstop.html', method='HEAD'}, }, matches= { {match='', output='ColdFusion Admin Console'} } }) table.insert(fingerprints, { category='management', probes={ {path='/common/help/en/go/login_ts.html', method='HEAD'}, {path='/system/login/', method='HEAD'}, {path='/system/login/reset?next=%2Fsystem%2Flogin&set-lang=en', method='HEAD'}, {path='/common/images/logos/img_logoMain.jpg', method='HEAD'}, }, matches= { {match='URL=http://www.macromedia.com/go/breeze_login_help_en', output='Adobe Acrobat Connect Pro'}, {match='<title>Connect Pro Central Login', output='Adobe Acrobat Connect Pro'}, {match='Forgot your password?', output='Adobe Acrobat Connect Pro'}, {match='Server: JRun Web Server', output='Adobe Acrobat Connect Pro'}, } }) table.insert(fingerprints, { category='management', probes={ {path='/Dashboard/Dashboard.html', method='GET'} }, matches= { {match='Server: Kodak-RulesBasedAutomation', output='Prinergy Dashboard Client Login'}, {match='Dashboard', output='Prinergy Dashboard Client Login'} } }) table.insert(fingerprints, { category='management', probes={ {path='/flexfm/', method='HEAD'} }, matches= { {match='', output='Flex File Manager'} } }) table.insert(fingerprints, { category='management', probes={ {path='/lib/usermanagement/userInfo.php', method='HEAD'} }, matches= { {match='', output='Testlink TestManagement'} } }) table.insert(fingerprints, { category='management', probes={ {path='/security/xamppsecurity.php', method='HEAD'} }, matches= { {match='', output='XAMPP'} } }) table.insert(fingerprints, { category='management', probes={ {path='/dm-albums/dm-albums.php', method='HEAD'} }, matches= { {match='', output='DM FileManager'} } }) ------------------------------------------------ ---- PRINTERS, WEBCAMS, PROJECTORS ---- ------------------------------------------------ table.insert(fingerprints, { category='printer', probes={ {path='/x_logo.gif', method='HEAD'} }, matches= { {match='', output='Xerox printer'} } }) table.insert(fingerprints, { category='printer', probes={ {path='/gif/hp.gif', method='HEAD'}, {path='/gif/hp_invent_logo.gif', method='HEAD'}, {path='/gif/printer.gif', method='HEAD'}, {path='/hp/device/this.LCDispatcher', method='HEAD'}, {path='/hp/device/webAccess/index.htm', method='HEAD'}, {path='/PageSelector.class', method='HEAD'} }, matches= { {match='', output='HP Printer'} } }) table.insert(fingerprints, { category='printer', probes={ {path='/images/lexbold.gif', method='HEAD'}, {path='/images/lexlogo.gif', method='HEAD'}, {path='/images/printer.gif', method='HEAD'}, {path='/printer/image', method='HEAD'} }, matches= { {match='', output='Lexmark Printer'} } }) table.insert(fingerprints, { category='printer', probes={ {path='/images/mute_alloff.gif', method='HEAD'}, {path='/images/pic_bri.gif', method='HEAD'}, }, matches= { {match='', output='NEC Projector'} } }) table.insert(fingerprints, { category='printer', probes={ {path='/scanweb/images/scanwebtm.gif', method='HEAD'}, }, matches= { {match='', output='SCAN Web (Webcam)'} } }) table.insert(fingerprints, { category='printer', probes={ {path='/view/index.shtml', method='HEAD'}, }, matches= { {match='', output='Axis 212 PTZ Network Camera'} } }) ------------------------------------------------ ---- DATABASES ---- ------------------------------------------------ --phpmyadmin db taken from http://milw0rm.com/exploits/8921 table.insert(fingerprints, { category='database', probes={ {path='/phpmyadmin/', method='HEAD'}, {path='/phpMyAdmin/', method='HEAD'}, {path='/PHPMyAdmin/', method='HEAD'}, {path='/PMA/', method='HEAD'}, {path='/pma/', method='HEAD'}, {path='/dbadmin/', method='HEAD'}, {path='/myadmin/', method='HEAD'}, {path='/php-my-admin/', method='HEAD'}, {path='/phpMyAdmin2/', method='HEAD'}, {path='/phpMyAdmin-2/', method='HEAD'}, {path='/phpMyAdmin-2.2.3/', method='HEAD'}, {path='/phpMyAdmin-2.2.6/', method='HEAD'}, {path='/phpMyAdmin-2.5.1/', method='HEAD'}, {path='/phpMyAdmin-2.5.4/', method='HEAD'}, {path='/phpMyAdmin-2.5.5-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.5.5-rc2/', method='HEAD'}, {path='/phpMyAdmin-2.5.5/', method='HEAD'}, {path='/phpMyAdmin-2.5.5-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.5.6-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.5.6-rc2/', method='HEAD'}, {path='/phpMyAdmin-2.5.6/', method='HEAD'}, {path='/phpMyAdmin-2.5.7/', method='HEAD'}, {path='/phpMyAdmin-2.5.7-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-alpha/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-alpha2/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-beta1/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-beta2/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-rc2/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-rc3/', method='HEAD'}, {path='/phpMyAdmin-2.6.0/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-pl2/', method='HEAD'}, {path='/phpMyAdmin-2.6.0-pl3/', method='HEAD'}, {path='/phpMyAdmin-2.6.1-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.6.1-rc2/', method='HEAD'}, {path='/phpMyAdmin-2.6.1/', method='HEAD'}, {path='/phpMyAdmin-2.6.1-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.6.1-pl2/', method='HEAD'}, {path='/phpMyAdmin-2.6.1-pl3/', method='HEAD'}, {path='/phpMyAdmin-2.6.2-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.6.2-beta1/', method='HEAD'}, {path='/phpMyAdmin-2.6.2/', method='HEAD'}, {path='/phpMyAdmin-2.6.2-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.6.3/', method='HEAD'}, {path='/phpMyAdmin-2.6.3-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.6.3-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.6.4-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.6.4-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.6.4-pl2/', method='HEAD'}, {path='/phpMyAdmin-2.6.4-pl3/', method='HEAD'}, {path='/phpMyAdmin-2.6.4-pl4/', method='HEAD'}, {path='/phpMyAdmin-2.6.4/', method='HEAD'}, {path='/phpMyAdmin-2.7.0-beta1/', method='HEAD'}, {path='/phpMyAdmin-2.7.0-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.7.0-pl1/', method='HEAD'}, {path='/phpMyAdmin-2.7.0-pl2/', method='HEAD'}, {path='/phpMyAdmin-2.7.0/', method='HEAD'}, {path='/phpMyAdmin-2.8.0-beta1/', method='HEAD'}, {path='/phpMyAdmin-2.8.0-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.8.0-rc2/', method='HEAD'}, {path='/phpMyAdmin-2.8.0/', method='HEAD'}, {path='/phpMyAdmin-2.8.0.1/', method='HEAD'}, {path='/phpMyAdmin-2.8.0.2/', method='HEAD'}, {path='/phpMyAdmin-2.8.0.3/', method='HEAD'}, {path='/phpMyAdmin-2.8.0.4/', method='HEAD'}, {path='/phpMyAdmin-2.8.1-rc1/', method='HEAD'}, {path='/phpMyAdmin-2.8.1/', method='HEAD'}, {path='/phpMyAdmin-2.8.2/', method='HEAD'}, {path='/sqlmanager/', method='HEAD'}, {path='/php-myadmin/', method='HEAD'}, {path='/phpmy-admin/', method='HEAD'}, {path='/mysqladmin/', method='HEAD'}, {path='/mysql-admin/', method='HEAD'}, {path='/websql/', method='HEAD'}, {path='/_phpmyadmin/', method='HEAD'} }, matches={ {output='phpMyAdmin'} } }) table.insert(fingerprints, { category='database', probes={ {path='/footer1.gif', method='HEAD'}, }, matches= { {match='', output='(possible) Oracle Web server'} } }) table.insert(fingerprints, { category='database', probes={ {path='/homepage.nsf/homePage.gif?OpenImageResource', method='HEAD'}, {path='/icons/ecblank.gif', method='HEAD'}, {path='/852566C90012664F', method='HEAD'}, {path='/admin4.nsf', method='HEAD'}, {path='/admin5.nsf', method='HEAD'}, {path='/admin.nsf', method='HEAD'}, {path='/agentrunner.nsf', method='HEAD'}, {path='/alog.nsf', method='HEAD'}, {path='/a_domlog.nsf', method='HEAD'}, {path='/bookmark.nsf', method='HEAD'}, {path='/busytime.nsf', method='HEAD'}, {path='/catalog.nsf', method='HEAD'}, {path='/certa.nsf', method='HEAD'}, {path='/certlog.nsf', method='HEAD'}, {path='/certsrv.nsf', method='HEAD'}, {path='/chatlog.nsf', method='HEAD'}, {path='/clbusy.nsf', method='HEAD'}, {path='/cldbdir.nsf', method='HEAD'}, {path='/clusta4.nsf', method='HEAD'}, {path='/collect4.nsf', method='HEAD'}, {path='/da.nsf', method='HEAD'}, {path='/dba4.nsf', method='HEAD'}, {path='/dclf.nsf', method='HEAD'}, {path='/DEASAppDesign.nsf', method='HEAD'}, {path='/DEASLog01.nsf', method='HEAD'}, {path='/DEASLog02.nsf', method='HEAD'}, {path='/DEASLog03.nsf', method='HEAD'}, {path='/DEASLog04.nsf', method='HEAD'}, {path='/DEASLog05.nsf', method='HEAD'}, {path='/DEASLog.nsf', method='HEAD'}, {path='/decsadm.nsf', method='HEAD'}, {path='/decslog.nsf', method='HEAD'}, {path='/DEESAdmin.nsf', method='HEAD'}, {path='/dirassist.nsf', method='HEAD'}, {path='/doladmin.nsf', method='HEAD'}, {path='/domadmin.nsf', method='HEAD'}, {path='/domcfg.nsf', method='HEAD'}, {path='/domguide.nsf', method='HEAD'}, {path='/domlog.nsf', method='HEAD'}, {path='/dspug.nsf', method='HEAD'}, {path='/events4.nsf', method='HEAD'}, {path='/events5.nsf', method='HEAD'}, {path='/events.nsf', method='HEAD'}, {path='/event.nsf', method='HEAD'}, {path='/homepage.nsf', method='HEAD'}, {path='/iNotes/Forms5.nsf/$DefaultNav', method='HEAD'}, {path='/jotter.nsf', method='HEAD'}, {path='/leiadm.nsf', method='HEAD'}, {path='/leilog.nsf', method='HEAD'}, {path='/leivlt.nsf', method='HEAD'}, {path='/log4a.nsf', method='HEAD'}, {path='/log.nsf', method='HEAD'}, {path='/l_domlog.nsf', method='HEAD'}, {path='/mab.nsf', method='HEAD'}, {path='/mail10.box', method='HEAD'}, {path='/mail1.box', method='HEAD'}, {path='/mail2.box', method='HEAD'}, {path='/mail3.box', method='HEAD'}, {path='/mail4.box', method='HEAD'}, {path='/mail5.box', method='HEAD'}, {path='/mail6.box', method='HEAD'}, {path='/mail7.box', method='HEAD'}, {path='/mail8.box', method='HEAD'}, {path='/mail9.box', method='HEAD'}, {path='/mail.box', method='HEAD'}, {path='/msdwda.nsf', method='HEAD'}, {path='/mtatbls.nsf', method='HEAD'}, {path='/mtstore.nsf', method='HEAD'}, {path='/names.nsf', method='HEAD'}, {path='/nntppost.nsf', method='HEAD'}, {path='/nntp/nd000001.nsf', method='HEAD'}, {path='/nntp/nd000002.nsf', method='HEAD'}, {path='/nntp/nd000003.nsf', method='HEAD'}, {path='/ntsync45.nsf', method='HEAD'}, {path='/perweb.nsf', method='HEAD'}, {path='/qpadmin.nsf', method='HEAD'}, {path='/quickplace/quickplace/main.nsf', method='HEAD'}, {path='/reports.nsf', method='HEAD'}, {path='/sample/siregw46.nsf', method='HEAD'}, {path='/schema50.nsf', method='HEAD'}, {path='/setupweb.nsf', method='HEAD'}, {path='/setup.nsf', method='HEAD'}, {path='/smbcfg.nsf', method='HEAD'}, {path='/smconf.nsf', method='HEAD'}, {path='/smency.nsf', method='HEAD'}, {path='/smhelp.nsf', method='HEAD'}, {path='/smmsg.nsf', method='HEAD'}, {path='/smquar.nsf', method='HEAD'}, {path='/smsolar.nsf', method='HEAD'}, {path='/smtime.nsf', method='HEAD'}, {path='/smtpibwq.nsf', method='HEAD'}, {path='/smtpobwq.nsf', method='HEAD'}, {path='/smtp.box', method='HEAD'}, {path='/smtp.nsf', method='HEAD'}, {path='/smvlog.nsf', method='HEAD'}, {path='/srvnam.htm', method='HEAD'}, {path='/statmail.nsf', method='HEAD'}, {path='/statrep.nsf', method='HEAD'}, {path='/stauths.nsf', method='HEAD'}, {path='/stautht.nsf', method='HEAD'}, {path='/stconfig.nsf', method='HEAD'}, {path='/stconf.nsf', method='HEAD'}, {path='/stdnaset.nsf', method='HEAD'}, {path='/stdomino.nsf', method='HEAD'}, {path='/stlog.nsf', method='HEAD'}, {path='/streg.nsf', method='HEAD'}, {path='/stsrc.nsf', method='HEAD'}, {path='/userreg.nsf', method='HEAD'}, {path='/vpuserinfo.nsf', method='HEAD'}, {path='/webadmin.nsf', method='HEAD'}, {path='/web.nsf', method='HEAD'}, {path='/.nsf/../winnt/win.ini', method='HEAD'}, {path='/icons/ecblank.gif', method='HEAD'} }, matches= { {match='', output='Lotus Domino'} } }) ------------------------------------------------ ---- MICROSOFT ---- ------------------------------------------------ table.insert(fingerprints, { category='microsoft', probes={ {path='/_layouts/images/helpicon.gif', method='HEAD'}, {path='/Pages/Default.aspx', method='HEAD'}, {path='/PublishingImages/NewsArticleImage.jpg', method='HEAD'}, {path='/_admin/operations.aspx', method='HEAD'}, {path='/_app_bin', method='HEAD'}, {path='/_controltemplates', method='HEAD'}, {path='/_layouts', method='HEAD'}, {path='/_layouts/viewlsts.aspx', method='HEAD'}, {path='/forms/allitems.aspx', method='HEAD'}, {path='/forms/webfldr.aspx', method='HEAD'}, {path='/forms/mod-view.aspx', method='HEAD'}, {path='/forms/my-sub.aspx', method='HEAD'}, {path='/pages/categoryresults.aspx', method='HEAD'}, {path='/categories/viewcategory.aspx', method='HEAD'}, {path='/sitedirectory', method='HEAD'}, {path='/editdocs.aspx', method='HEAD'}, {path='/workflowtasks/allitems.aspx', method='HEAD'}, {path='/lists/tasks/', method='HEAD'}, {path='/categories/allcategories.aspx', method='HEAD'}, {path='/categories/SOMEOTHERDIR/allcategories.aspx', method='HEAD'}, {path='/mycategories.aspx', method='HEAD'}, {path='/lists/', method='HEAD'}, {path='/lists/allitems.aspx', method='HEAD'}, {path='/lists/default.aspx', method='HEAD'}, {path='/lists/allposts.aspx', method='HEAD'}, {path='/lists/archive.aspx', method='HEAD'}, {path='/lists/byauthor.aspx', method='HEAD'}, {path='/lists/calendar.aspx', method='HEAD'}, {path='/lists/mod-view.aspx', method='HEAD'}, {path='/lists/myposts.aspx', method='HEAD'}, {path='/lists/my-sub.aspx', method='HEAD'}, {path='/lists/allcomments.aspx', method='HEAD'}, {path='/lists/mycomments.aspx', method='HEAD'}, {path='/_layouts/userdisp.aspx', method='HEAD'}, {path='/_layouts/help.aspx', method='HEAD'}, {path='/_layouts/download.aspx', method='HEAD'} }, matches= { {match='', output='MS Sharepoint'} } }) table.insert(fingerprints, { category='microsoft', probes={ {path='/projectserver/Home/HomePage.asp', method='HEAD'}, {path='/projectserver/images/branding.gif', method='HEAD'}, {path='/projectserver/images/pgHome.gif', method='HEAD'}, {path='/projectserver/images/pgTask.gif', method='HEAD'}, {path='/projectserver/Tasks/Taskspage.asp', method='HEAD'}, }, matches= { {match='', output='MS Project Server'} } }) table.insert(fingerprints, { category='microsoft', probes={ {path='/exchweb/bin/auth/owalogon.asp', method='HEAD'}, {path='/images/outlook.jpg', method='HEAD'}, {path='/owa/8.1.375.2/themes/base/lgntopl.gif', method='HEAD'}, {path='/owa/', method='HEAD'}, }, matches= { {match='', output='Outlook Web Access'} } }) table.insert(fingerprints, { category='microsoft', probes={ {path='/tsweb/', method='HEAD'}, }, matches= { {match='', output='Remote Desktop Web Connection'} } }) table.insert(fingerprints, { category='microsoft', probes={ {path='/reportserver/', method='HEAD'} }, matches= { {match='', output='Microsoft SQL Report Service'} } }) ------------------------------------------------ ---- NETWORK EQUIPMENT ---- ------------------------------------------------ -- Routers, switches, etc table.insert(fingerprints, { category='network', probes={ {path='/', method='GET'}, }, matches= { {match='realm="WRT54G"', output='Linksys WRT54g Wireless Router'} } }) table.insert(fingerprints, { category='network', probes={ {path='/HW_logo.html', method='HEAD'}, }, matches= { {match='', output='Huawei HG 530'} } }) table.insert(fingerprints, { category='network', probes={ {path='/icons/icon_set_up_2701XX_01.gif', method='HEAD'}, {path='/icons/icon_homeportal_2701XX.gif', method='HEAD'}, {path='/es/images/nav_sl_home_network_01.gif', method='HEAD'}, {path='/en/images/nav_sl_home_network_01.gif', method='HEAD'} }, matches= { {match='', output='2WIRE 2701HG'} } }) table.insert(fingerprints, { category='network', probes={ {path='/images/stxx__xl.gif', method='HEAD'}, {path='/images/bbc__xl.gif', method='HEAD'} }, matches= { {match='', output='Thomson TG585'} } }) ------------------------------------------------ ---- ATTACKS ---- ------------------------------------------------ -- These will search for and possibly exploit vulnerabilities. table.insert(fingerprints, { category='attacks', probes={ {path='/sdk/../../../../../../../etc/vmware/hostd/vmInventory.xml', method='GET'}, {path='/sdk/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/vmware/hostd/vmInventory.xml', method='GET'} }, matches={ {match='', output='Path traversal in VMWare (CVE-2009-3733)'}, {match='', output='Possible path traversal in VMWare (CVE-2009-3733)'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/../../../../../../../../../../etc/passwd', method='GET'}, {path='/../../../../../../../../../../boot.ini', method='GET'} }, matches={ {match='root:', output='Simple path traversal in URI (Linux)'}, {match='boot loader', output='Simple path traversal in URI (Windows)'}, {match='', output='Possible path traversal in URI'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/.htaccess', method='GET'}, {path='/.htpasswd', method='GET'} }, matches={ -- We look for a '200 OK' message on this one, because most Apache servers return an access denied {match='200 OK', output='Incorrect permissions on .htaccess or .htpasswd files'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/_vti_bin/', method='GET'}, {path='/_vti_cnf/', method='GET'}, {path='/_vti_log/', method='GET'}, {path='/_vti_pvt/', method='GET'}, {path='/_vti_txt/', method='GET'}, {path='/_vti_bin/_vti_aut/author.dll'}, {path='/_vti_bin/_vti_aut/author.exe'}, {path='/_vti_bin/_vti_aut/dvwssr.dll'}, {path='/_vti_bin/_vti_adm/admin.dll'}, {path='/_vti_bin/_vti_adm/admin.exe'}, {path='/_vti_bin/fpcount.exe?Page=default.asp|Image=3'}, {path='/_vti_bin/shtml.dll'}, {path='/_vti_bin/shtml.exe'}, {path='/_vti_pvt/_x_todo.htm'}, {path='/_vti_pvt/_x_todoh.htm'}, {path='/_vti_pvt/access.cnf'}, {path='/_vti_pvt/administrator.pwd'}, {path='/_vti_pvt/administrators.pwd'}, {path='/_vti_pvt/authors.pwd'}, {path='/_vti_pvt/bots.cnf'}, {path='/_vti_pvt/botinfs.cnf'}, {path='/_vti_pvt/deptodoc.btr'}, {path='/_vti_pvt/doctodep.btr'}, {path='/_vti_pvt/frontpg.lck'}, {path='/_vti_pvt/linkinfo.cnf'}, {path='/_vti_pvt/service.cnf'}, {path='/_vti_pvt/service.grp'}, {path='/_vti_pvt/service.lck'}, {path='/_vti_pvt/service.pwd'}, {path='/_vti_pvt/Service.stp'}, {path='/_vti_pvt/services.cnf'}, {path='/_vti_pvt/services.org'}, {path='/_vti_pvt/structure.cnf'}, {path='/_vti_pvt/svcacl.cnf'}, {path='/_vti_pvt/users.pwd'}, {path='/_vti_pvt/uniqueperm.cnf'}, {path='/_vti_pvt/writeto.cnf'}, }, matches= { {match='200', output='Frontpage file or folder'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/.svn/', method='GET'}, {path='/.svn/text-base/.htaccess.svn-base', method='GET'}, {path='/.svn/text-base/.htpasswd.svn-base', method='GET'}, {path='/.svn/text-base/Web.config.svn-base', method='GET'} }, matches= { {match='200', output='Subversion folder'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/.git/HEAD', method='GET'}, }, matches= { {match='ref: refs', output='Git folder'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/.hg/requires', method='GET'}, }, matches= { {match='revlogv1', output='Mercurial folder'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/.bzr/README', method='GET'}, }, matches= { {match='This is a Bazaar', output='Bazaar folder'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/downloadFile.php', method='GET'}, {path='/BackupConfig.php', method='GET'} }, matches={ {output='NETGEAR WNDAP350 2.0.1 to 2.0.9 potential file download and SSH root password disclosure'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/cwhp/auditLog.do?file=..\..\..\..\..\..\..\boot.ini', method='GET'}, {path='/cwhp/auditLog.do?file=..\..\..\..\..\..\..\Program%20Files\CSCOpx\MDC\Tomcat\webapps\triveni\WEB-INF\classes\schedule.properties', method='GET'}, {path='/cwhp/auditLog.do?file=..\..\..\..\..\..\..\Program%20Files\CSCOpx\lib\classpath\com\cisco\nm\cmf\dbservice2\DBServer.properties', method='GET'}, {path='/cwhp/auditLog.do?file=..\..\..\..\..\..\..\Program%20Files\CSCOpx\log\dbpwdChange.log', method='GET'} }, matches={ {match='boot loader', output='CiscoWorks (CuOM 8.0 and 8.5) Directory traversal (CVE-2011-0966) (Windows)'}, {match='', output='Possible CiscoWorks (CuOM 8.0 and 8.5) Directory traversal (CVE-2011-0966) (Windows)'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/var/mobile/Library/AddressBook/AddressBook.sqlitedb', method='HEAD'} }, matches={ {match='', output='Possible iPhone/iPod/iPad generic file sharing app Directory Traversal (iOS)'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/Info.live.htm', method='GET'} }, matches={ {match='200', output='Possible DD-WRT router Information Disclosure (OSVDB 70230)'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/CuteSoft_Client/CuteEditor/Load.ashx?type=image&file=../../../web.config', method='GET'} }, matches={ {match='200', output='Cute Editor ASP.NET Remote File Disclosure ( CVE 2009-4665 )'} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/plugins/PluginController.php?path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00', method='GET'} }, matches={ {match='200', output='OrangeHRM 2.6.3 Local File Inclusion '} } }) table.insert(fingerprints, { category='attacks', probes={ {path='/tiki-listmovies.php?movie=../../../../../../etc/passwd%001234', method='GET'} }, matches={ {match='200', output='TikiWiki < 1.9.9 Directory Traversal Vulnerability'} } }) ------------------------------------------------ ---- Open Source CMS checks ---- ------------------------------------------------ -- Broad wordpress version identification table.insert(fingerprints, { category='cms', probes={ {path='/wp-login.php'}, {path='/wordpress/wp-login.php'}, {path='/blog/wp-login.php'}, {path='/administrator/wp-login.php'}, {path='/weblog/wp-login.php'} }, matches={ {match='ver=20080708', output='WordPress 2.6.x found'}, {match='ver=20081210', output='WordPress 2.7.x found'}, {match='ver=20090514', output='WordPress 2.8.x found'}, {match='ver=20091217', output='WordPress 2.9.x found'}, {match='ver=20100601', output='WordPress 3.0.x found'}, {output='Wordpress login page.'} } }) -- ZenCart version detection table.insert(fingerprints, { category='cms', probes={ {path='/docs/'}, {path='/store/docs/'}, {path='/zencart/docs/'}, {path='/cart/docs/'} }, matches={ {match='.*">Changelog for v(%d-%..-) %(changed files%)', output='ZenCart, version \\1'} } }) -- Broad phpBB versions table.insert(fingerprints, { category='cms', probes={ {path='/docs/CHANGELOG.html'}, {path='/forum/docs/CHANGELOG.html'}, {path='/forums/docs/CHANGELOG.html'}, {path='/board/docs/CHANGELOG.html'}, {path='/boards/docs/CHANGELOG.html'} }, matches={ {match='Changes since (%d-%..-)', output='phpBB version slightly newer than \\1'}, {match='