PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 05:01:29 +00:00
Code Issues Projects Releases Wiki Activity

Adds a fingerprint for HP Storage Management Utility

Browse Source
This commit is contained in:
nnposter
2016-08-30 21:06:02 +00:00
parent 58bd519f90
commit 3419a71b24
2 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
nselib/data/http-default-accounts-fingerprints.lua
View File

@@ -597,6 +597,50 @@ table.insert(fingerprints, {
end end
}) })
---
--Storage
---
table.insert(fingerprints, {
-- Version TS200R021 on MSA 2000 G3
name = "HP Storage Management Utility",
category = "storage",
paths = {
{path = "/api/id/"}
},
-- TODO: Change the probe path to "/" and use the following target_check
-- once the http library adds support for gzip encoding. Don't forget
-- to change url.absolute() argument from "../" to "api/" in login_check.
--target_check = function (host, port, path, response)
-- return response.status == 200
-- and response.body
-- and response.body:find("brandStrings", 1, true)
-- and response.body:find("checkAuthentication", 1, true)
-- and response.body:find("hp stuff init", 1, true)
--end,
target_check = function (host, port, path, response)
return response.status == 200
and response.header["command-status"]
and response.header["command-status"]:find("^0 %({.*systemName:.*,%s*controller:.*}%)")
end,
login_combos = {
{username = "monitor", password = "!monitor"},
{username = "manage", password = "!manage"},
{username = "admin", password = "!admin"}
},
login_check = function (host, port, path, user, pass)
local creds = stdnse.tohex(openssl.md5(user .. "_" .. pass))
local content = "/api/login/" .. creds
local header = {["Content-Type"] = "application/x-www-form-urlencoded",
["datatype"] = "json"}
local req = http.generic_request(host, port, "POST",
url.absolute(path, "../"),
{header=header, content=content,
no_cache=true, redirect_ok=false})
return req.status == 200
and (req.header["command-status"] or ""):find("^1 ")
end
})
--- ---
--Remote consoles --Remote consoles
--- ---

1
scripts/http-default-accounts.nse
View File

@@ -18,6 +18,7 @@ You may select a category if you wish to reduce the number of requests. We have
* <code>routers</code> - Routers * <code>routers</code> - Routers
* <code>security</code> - CCTVs and other security devices * <code>security</code> - CCTVs and other security devices
* <code>printer</code> - Network-attached printers and printer servers * <code>printer</code> - Network-attached printers and printer servers
* <code>storage</code> - Storage devices
* <code>console</code> - Remote consoles * <code>console</code> - Remote consoles
Please help improve this script by adding new entries to nselib/data/http-default-accounts.lua Please help improve this script by adding new entries to nselib/data/http-default-accounts.lua