--- 
-- Try to guess running webapp and their version.
--
--@output
--@output
-- 80/tcp open  http
-- |_ WebApp: Trac 0.11dev-r6306
-- 80/tcp open  http
-- |_ WebApp: MediaWiki 1.14alpha
-- 80/tcp open  http
-- |_ WebApp: WordPress 2.0.11

require "stdnse"
require "shortport"
require "sedusa"

id = "WebApp"
description = "Try to guess running webapp and their version."
author = "Sven Klemm <sven@c3d2.de>"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"intrusive","safe","discovery"}


portrule = shortport.port_or_service({80,443},{'http', 'https', 'http-proxy'})

action = function(host, port)
  local apps
  local target = {}

  if port.service == 'https' or port.version.service_tunnel == 'ssl' then
    target.scheme = "https"
    if port.number ~= 443 then target.port = port.number end
  else
    target.scheme = "http"
    if port.number ~= 80 then target.port = port.number end
  end

  target.host = host.targetname or ( host.name and host.name ~= "" and host.name ) or host.ip
  target.path = nmap.registry.args.webapp or "/"

  apps = sedusa.detect_app( url.build( target ) )

  if #apps > 0 then
    return table.concat( apps, ", " )
  end

end