From 4f21388faa3edd13e02f4573564f6b32be97d3f0 Mon Sep 17 00:00:00 2001
From: paulino <paulino@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Fri, 1 Jul 2011 21:43:53 +0000
Subject: [PATCH] Adds http-default-accounts fingerprint database

---
 .../http-default-accounts-fingerprints.lua    | 66 +++++++++++++++++++
 1 file changed, 66 insertions(+)
 create mode 100644 nselib/data/http-default-accounts-fingerprints.lua

diff --git a/nselib/data/http-default-accounts-fingerprints.lua b/nselib/data/http-default-accounts-fingerprints.lua
new file mode 100644
index 000000000..beef6312c
--- /dev/null
+++ b/nselib/data/http-default-accounts-fingerprints.lua
@@ -0,0 +1,66 @@
+---
+-- http-default-accounts-fingerprints.lua
+-- This file contains fingerprint data for http-default-accounts.nse
+--
+-- STRUCTURE:
+-- * <code>name</code> - Descriptive name
+-- * <code>category</code> - Category
+-- * <code>login_combos</code>
+---- * <code>username</code> - Default username
+---- * <code>password</code> - Default password
+-- * <code>paths</code> - Paths table containing the possible location of the target
+-- * <code>login_check</code> - Login function of the target
+---
+local function try_http_basic_login(host, port, path, user, pass)
+    local credentials = {username = user, password = pass}
+    local req = http.get(host, port, path, {no_cache=true, auth=credentials})
+    if req.status ~= 401 and req.status ~= 403 then
+      return true
+    end
+    return false
+end
+
+fingerprints = {}
+
+---
+--WEB
+---
+table.insert(fingerprints, {
+  name = "Cacti",
+  category = "web",
+  paths = {
+    {path = "/cacti/"}
+  },
+  login_combos = {
+    {username = "admin", password = "admin"}
+  },
+  login_check = function (host, port, path, user, pass)
+    local req = http.post(host, port, path.."index.php", {no_cache=true}, nil, {action="login", login_username=user, login_password=pass})
+    if not(http.response_contains(req, 'Invalid User Name/Password')) then
+      return true
+    end
+    return false
+  end
+})
+
+table.insert(fingerprints, {
+  name = "Apache Tomcat",
+  category = "web",
+  paths = {
+    {path = "/manager/html/"},
+    {path = "/tomcat/manager/html/"}
+  },
+  login_combos = {
+    {username = "tomcat", password = "tomcat"},
+    {username = "admin", password = "admin"}
+  },
+  login_check = function (host, port, path, user, pass)
+    return try_http_basic_login(host, port, path, user, pass)
+  end
+})
+
+
+---
+--ROUTERS
+---
+