Merge branch 'fingerprints'

2026-01-19 04:39:01 +00:00 · 2015-06-20 17:27:22 +00:00
parent 39f75dddeb
commit 3ef7d71863
1 changed files with 41 additions and 1 deletions
--- a/nselib/data/http-fingerprints.lua
+++ b/nselib/data/http-fingerprints.lua
@@ -6434,6 +6434,24 @@ table.insert(fingerprints, {
      }
    }
  });
+
+-- HNAP Devices
+table.insert(fingerprints, {
+    category = 'general',
+    probes = {
+      {
+        path = '/HNAP1/',
+        method = 'GET'
+      }
+    },
+    matches = {
+      {
+        match = '<ModelDescription>(.-)</ModelDescription>',
+        output = '\\1'
+      }
+    }
+  });
+
 ------------------------------------------------
 ----               ATTACKS                  ----
 ------------------------------------------------
@@ -6926,6 +6944,29 @@ table.insert(fingerprints, {
    }
  });

+-- HNAP Authentication Bypass
+table.insert(fingerprints, {
+    category = 'attacks',
+    probes = {
+      {
+        path = '/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0',
+        method = 'GET'
+      }
+    },
+    matches = {
+      {
+        dontmatch = '<a href="http://www%.dlink%.com"',
+        match = '^HTTP/1.[01] 200 OK\r\n.*Server: Embedded HTTP Server',
+        output = 'D-Link Router Vulnerable to Authentication Bypass',
+      },
+      {
+        dontmatch = '<a href="http://www%.dlink%.com"',
+        match = '^HTTP/1.[01] 200 OK\r\n.*Server: Virtual Web 0.9',
+        output = 'D-Link Router Vulnerable to Authentication Bypass',
+      },
+    }
+  });
+
 ------------------------------------------------
 ----        Open Source CMS checks          ----
 ------------------------------------------------
@@ -8328,7 +8369,6 @@ table.insert(fingerprints, {
    }
  });

-
 ------------------------------------------------
 ----           UNCATEGORIZED                ----
 ------------------------------------------------