PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-20 22:49:01 +00:00
Code Issues Projects Releases Wiki Activity

Adds CPE entries to individual fingerprints (where known). XML output only.

Browse Source
This commit is contained in:
nnposter
2016-12-04 20:46:21 +00:00
parent b0b94049b7
commit 7b9c6e74d9
3 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@@ -46,6 +46,8 @@ o [NSE] Revised script http-default-accounts in several ways:
- [GH#604] Implemented XML output. Layout of the classic text output has also
changed, including reporting blank usernames or passwords as "<blank>",
instead of just empty strings. [nnposter]
- Added CPE entries to individual fingerprints (where known). They are
reported only in the XML output. [nnposter]
o [NSE][GH#573] Updated http.lua to allow processing of HTTP responses with
malformed header names. Such header lines are still captured in the rawheader

22
nselib/data/http-default-accounts-fingerprints.lua
View File

@@ -171,6 +171,7 @@ fingerprints = {}
table.insert(fingerprints, {
-- Version 0.8.8a
name = "Cacti",
cpe = "cpe:/a:cacti:cacti",
category = "web",
paths = {
{path = "/"},
@@ -199,6 +200,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 2.0.6
name = "Zabbix",
cpe = "cpe:/a:zabbix:zabbix",
category = "web",
paths = {
{path = "/zabbix/"}
@@ -300,6 +302,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 3.2.3
name = "Nagios",
cpe = "cpe:/a:nagios:nagios",
category = "web",
paths = {
{path = "/"},
@@ -358,6 +361,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 8.1, 9.2, 10.3.4, 10.3.6, 12.1.2
name = "WebLogic Server Console",
cpe = "cpe:/a:bea:weblogic_server",
category = "web",
paths = {
{path = "/console/"}
@@ -394,6 +398,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 4.1.31, 6.0.24, 7.0.54
name = "Apache Tomcat",
cpe = "cpe:/a:apache:tomcat",
category = "web",
paths = {
{path = "/manager/html/"},
@@ -453,6 +458,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 1.4.1, 1.5.2, 1.5.3, 1.6.0, 1.6.1
name = "Apache Axis2",
cpe = "cpe:/a:apache:axis2",
category = "web",
paths = {
{path = "/axis2/axis2-admin/"}
@@ -553,6 +559,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 12.2SE on Catalyst 3750, 3845, CBS3020, 12.3 on Aironet 1300
name = "Cisco IOS",
cpe = "cpe:/o:cisco:ios",
category = "routers",
paths = {
{path = "/"},
@@ -581,6 +588,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version (see below)
name = "Cisco Linksys",
cpe = "cpe:/h:linksys:*",
category = "routers",
paths = {
{path = "/"}
@@ -604,6 +612,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version ESIP-12-v302r125573-131230c_upc
name = "Cisco EPC3925",
cpe = "cpe:/h:cisco:epc3925",
category = "routers",
paths = {
{path = "/"}
@@ -634,6 +643,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 1.0.1.3 on RT-N10U, RT-N66U
name = "ASUS RT",
cpe = "cpe:/h:asus:rt-*",
category = "routers",
paths = {
{path = "/"}
@@ -653,6 +663,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 5.00.12 on F5D7234-4
name = "Belkin G Wireless Router",
cpe = "cpe:/h:belkin:f5d7234-4",
category = "routers",
paths = {
{path = "/"}
@@ -681,6 +692,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 1.00.12 on F9K1001 v1
name = "Belkin N150",
cpe = "cpe:/h:belkin:n150_f9k1001",
category = "routers",
paths = {
{path = "/"}
@@ -864,6 +876,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 3.4.5.1 on Aruba800
name = "ArubaOS WebUI",
cpe = "cpe:/o:arubanetworks:arubaos",
category = "routers",
paths = {
{path = "/"}
@@ -891,6 +904,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
name = "Aruba AirWave",
cpe = "cpe:/a:arubanetworks:airwave",
category = "routers",
paths = {
{path = "/"}
@@ -915,6 +929,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 08.05.100 on NVR 1750D
name = "Nortel VPN Router",
cpe = "cpe:/h:nortel:vpn_router_*",
category = "routers",
paths = {
{path = "/"}
@@ -939,6 +954,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 11.4.1, 11.5.3
name = "F5 TMOS",
cpe = "cpe:/o:f5:tmos",
category = "routers",
paths = {
{path = "/"}
@@ -963,6 +979,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 10.5 on MPX 8005
name = "Citrix NetScaler",
cpe = "cpe:/a:citrix:netscaler",
category = "routers",
paths = {
{path = "/"}
@@ -1215,6 +1232,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 071.*, 072.* on WorkCentre 7835, 7845, ColorQube 8900X
name = "Xerox WorkCentre/ColorQube",
cpe = "cpe:/h:xerox:workcentre",
category = "printer",
paths = {
{path = "/"}
@@ -1377,6 +1395,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 7.5.0.3 on 2072-24C
name = "IBM Storwize V3700",
cpe = "cpe:/a:ibm:storwize_v3700_software",
category = "storage",
paths = {
{path = "/"}
@@ -1411,6 +1430,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 5.0.0
name = "VMware ESXi",
cpe = "cpe:/o:vmware:esxi",
category = "virtualization",
paths = {
{path = "/"}
@@ -1435,6 +1455,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
-- Version 4.0.0
name = "PCoIP Zero Client",
cpe = "cpe:/a:teradici:pcoip_host_software",
category = "virtualization",
paths = {
{path = "/login.html"}
@@ -1494,6 +1515,7 @@ table.insert(fingerprints, {
table.insert(fingerprints, {
--Version 1.10.12, 1.80
name = "Dell iDRAC6",
cpe = "cpe:/o:dell:idrac6_firmware",
category = "console",
paths = {
{path = "/"}

5
scripts/http-default-accounts.nse
View File

@@ -54,6 +54,7 @@ This script was based on http-enum.
--
-- @xmloutput
-- <table key="Cacti">
-- <elem key="cpe">cpe:/a:cacti:cacti</elem>
-- <elem key="path">/</elem>
-- <table key="credentials">
-- <table>
@@ -63,6 +64,7 @@ This script was based on http-enum.
-- </table>
-- </table>
-- <table key="Nagios">
-- <elem key="cpe">cpe:/a:nagios:nagios</elem>
-- <elem key="path">/nagios/</elem>
-- <table key="credentials">
-- <table>
@@ -89,6 +91,8 @@ This script was based on http-enum.
-- 2016-12-01 nnposter
-- * implemented XML structured output
-- * changed classic output to report empty credentials as <blank>
-- 2016-12-04 nnposter
-- * added CPE entries to individual fingerprints (where known)
---
author = {"Paulino Calderon <calderon@websec.mx>", "nnposter"}
@@ -270,6 +274,7 @@ local function test_credentials (host, port, fingerprint, path)
if #credlst == 0 then return nil end
-- Some credentials found. Generate the fingerprint output report
local out = stdnse.output_table()
out.cpe = fingerprint.cpe
out.path = path
out.credentials = credlst
local txtout = {}