From 3af4a0c20c6bcfffd45e0ed3afad3260d99f6630 Mon Sep 17 00:00:00 2001 From: nnposter Date: Tue, 30 Aug 2016 21:09:24 +0000 Subject: [PATCH] Adds a fingerprint for Schneider Modicon Web Server --- .../http-default-accounts-fingerprints.lua | 28 +++++++++++++++++++ scripts/http-default-accounts.nse | 1 + 2 files changed, 29 insertions(+) diff --git a/nselib/data/http-default-accounts-fingerprints.lua b/nselib/data/http-default-accounts-fingerprints.lua index 4da0a611b..2d2de9f6d 100644 --- a/nselib/data/http-default-accounts-fingerprints.lua +++ b/nselib/data/http-default-accounts-fingerprints.lua @@ -492,6 +492,34 @@ table.insert(fingerprints, { end }) +--- +--Industrial systems +--- +table.insert(fingerprints, { + -- Version 2.1.2, 2.2.0 on TSX ETY Port, 1.0.4, 2.2.0 on TSX ETY410 + name = "Schneider Modicon Web", + category = "industrial", + paths = { + {path = "/"} + }, + target_check = function (host, port, path, response) + return response.status == 302 + and response.header["server"] + and response.header["server"]:find("^Schneider%-WEB/V%d+%.") + and response.header["location"] + and response.header["location"]:find("/index%.htm$") + end, + login_combos = { + {username = "USER", password = "USER"} + }, + login_check = function (host, port, path, user, pass) + -- realm="Schneider Web" + return try_http_basic_login(host, port, + url.absolute(path, "secure/system/globaldata.htm?Language=English"), + user, pass, false) + end +}) + --- --Printers --- diff --git a/scripts/http-default-accounts.nse b/scripts/http-default-accounts.nse index 7d04d0535..4e2fbe6d5 100644 --- a/scripts/http-default-accounts.nse +++ b/scripts/http-default-accounts.nse @@ -17,6 +17,7 @@ You may select a category if you wish to reduce the number of requests. We have * web - Web applications * routers - Routers * security - CCTVs and other security devices +* industrial - Industrial systems * printer - Network-attached printers and printer servers * storage - Storage devices * console - Remote consoles