From 24e6547a08258178ec1a671fe65548c826fb026f Mon Sep 17 00:00:00 2001
From: nnposter <nnposter@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 30 Aug 2016 21:07:49 +0000
Subject: [PATCH] Adds a fingerprint for Zabbix monitoring

---
 .../http-default-accounts-fingerprints.lua    | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/nselib/data/http-default-accounts-fingerprints.lua b/nselib/data/http-default-accounts-fingerprints.lua
index b950f2fda..4da0a611b 100644
--- a/nselib/data/http-default-accounts-fingerprints.lua
+++ b/nselib/data/http-default-accounts-fingerprints.lua
@@ -111,6 +111,35 @@ table.insert(fingerprints, {
   end
 })
 
+table.insert(fingerprints, {
+  -- Version 2.0.6
+  name = "Zabbix",
+  category = "web",
+  paths = {
+    {path = "/zabbix/"}
+  },
+  target_check = function (host, port, path, response)
+    -- true if the response is HTTP/200 and sets cookie "zbx_sessionid"
+    if response.status == 200 then
+      for _, ck in ipairs(response.cookies or {}) do
+        if ck.name:lower() == "zbx_sessionid" then return true end
+      end
+    end
+    return false
+  end,
+  login_combos = {
+    {username = "admin", password = "zabbix"}
+  },
+  login_check = function (host, port, path, user, pass)
+    local req = http.post(host, port, url.absolute(path, "index.php"),
+                          {no_cache=true, redirect_ok=false},
+                          nil,
+                          {request="", name=user, password=pass, enter="Sign in"},
+                          false)
+    return req.status == 302 and req.header["location"] == "dashboard.php"
+  end
+})
+
 table.insert(fingerprints, {
   name = "Xplico",
   category = "web",