PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 14:11:29 +00:00
Code Issues Projects Releases Wiki Activity

Re-indent the Lua files in nselib/data/

Browse Source 
https://secwiki.org/w/Nmap/Code_Standards
This commit is contained in:
dmiller
2014-02-05 17:58:36 +00:00
parent 69e343f0aa
commit 7dd47ec3a3
5 changed files with 2193 additions and 2193 deletions
Download Patch File Download Diff File Expand all files Collapse all files

684
nselib/data/http-devframework-fingerprints.lua
View File

@@ -21,345 +21,345 @@ local url = require "url"
tools = { Django = { rapidDetect = function(host, port)
-- Check if the site gives that familiar Django admin login page.
local response = http.get(host, port, "/admin/")
if response.body then
if string.find(response.body, "Log in | Django site admin") or
string.find(response.body, "this_is_the_login_form") or
string.find(response.body, "csrfmiddlewaretoken") then
return "Django detected. Found Django admin login page on /admin/"
end
end
-- In Django, the cookie sessionid is being set when you log in
-- and forms will probably set a cookie called csrftoken.
if response.cookies then
for _, c in pairs(response.cookies) do
if c.name == "csrftoken" then
return "Django detected. Found sessionid cookie which means the contrib.auth package for authentication is enabled."
elseif c.name == "sessionid" then
return "Django detected. Found csrftoken cookie."
end
end
end
-- See if DEBUG mode still happens to be true.
response = http.get(host, port, "/random404page/")
if response.body then
if string.find(response.body, "<code>DEBUG = True</code>") then
return "Django detected. Found Django error page on /random404page/"
end
end
end,
consumingDetect = function(page, path)
if page then
if string.find(page, "csrfmiddlewaretoken") then
return "Django detected. Found csrfmiddlewaretoken on " .. path
end
if string.find(page, "id=\"id_") then
return "Django detected. Found id_ preffix in id attribute name on " .. path
end
if string.find(page, "%-TOTAL%-FORMS") or string.find(page, "%-DELETE") then
return "Django detected. Found -TOTAL-FORMS and -DELETE hidden inputs, which means there is a Django formset on " .. path
end
end
end
},
RubyOnRails = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
-- Check for Mongrel or Passenger in the "Server" or "X-Powered-By" header
for h, v in pairs(response.header) do
if h == "x-powered-by" or h == "server" then
local vl = v:lower()
local m = vl:match("mongrel") or vl:match("passenger")
if m then
return "RoR detected. Found '" .. m .. "' in " .. h .. " header sent by the server."
end
end
end
-- /rails/info/propertires shows project info when in development mode
response = http.get(host, port, "/rails/info/properties")
if response.body then
if string.find(response.body, "Ruby version") then
return "RoR detected. Found properties file on /rails/info/properties/"
end
end
-- Make up a bad path and match the error page
response = http.get(host, port, "/random404page/")
if response.body then
if string.find(response.body, "Routing Error") then
return "RoR detected. Found RoR routing error page on /random404page/"
end
end
end,
consumingDetect = function(page, path)
-- Check the source and look for csrf patterns.
if page then
if string.find(page, "csrf%-param") or string.find(page, "csrf%-token") then
return "RoR detected. Found csrf field on" .. path
end
end
end
},
ASPdotNET = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
-- Look for an ASP.NET header.
for h, v in pairs(response.header) do
local vl = v:lower()
if h == "x-aspnet-version" or string.find(vl, "asp") then
return "ASP.NET detected. Found related header."
end
end
if response.cookies then
for _, c in pairs(response.cookies) do
if c.name == "aspnetsessionid" then
return "ASP.NET detected. Found aspnetsessionid cookie."
end
end
end
end,
consumingDetect = function(page, path)
-- Check the source and look for common traces.
if page then
if string.find(page, " __VIEWSTATE") or
string.find(page, "__EVENT") or
string.find(page, "__doPostBack") or
string.find(page, "aspnetForm") or
string.find(page, "ctl00_") then
return "ASP.NET detected. Found common traces on" .. path
end
end
end
},
CodeIgniter = { rapidDetect = function(host, port)
-- Match default error page.
local response = http.get(host, port, "/random404page/")
if response.body then
if string.find(response.body, "#990000") and
string.find(response.body, "404 Page Not Found") then
return "CodeIgniter detected. Found CodeIgniter default error page on /random404page/"
end
end
end,
consumingDetect = function(page, path)
return
end
},
CakePHP = { rapidDetect = function(host, port)
-- Find CAKEPHP header.
local response = http.get(host, port, "/")
for h, v in pairs(response.header) do
local vl = v:lower()
if string.find(vl, "cakephp") then
return "CakePHP detected. Found related header."
end
end
end,
consumingDetect = function(page, path)
return
end
},
Symfony = { rapidDetect = function(host, port)
-- Find Symfony header.
local response = http.get(host, port, "/")
for h, v in pairs(response.header) do
local vl = v:lower()
if string.find(vl, "symfony") then
return "Symfony detected. Found related header."
end
end
end,
consumingDetect = function(page, path)
return
end
},
Wordpress = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']WordPress") or
string.find(response.body, "wp%-content") then
return "Wordpress detected. Found common traces on /"
end
end
-- Check if the default login page exists.
response = http.get(host, port, "/wp%-login")
if response.status == "200" then
return "Wordpress detected. Found WP login page on /wp-login"
end
end,
consumingDetect = function(page, path)
if page then
if string.find(page, "content=[\"']WordPress") or
string.find(page, "wp%-content") then
return "Wordpress detected. Found common traces on " .. page
end
end
end
},
Joomla = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']Joomla!") then
return "Joomla detected. Found common traces on /"
end
end
-- Check if the default login page exists.
response = http.get(host, port, "/administrator")
if response.body and string.find(response.body, "Joomla") then
return "Joomla detected. Found Joomla login page on /administrator/"
end
end,
consumingDetect = function(page, path)
if page and string.find(page, "content=[\"']Joomla!") then
return "Joomla detected. Found common traces on " .. page
end
end
},
Drupal = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']Drupal") then
return "Drupal detected. Found common traces on /"
end
end
end,
consumingDetect = function(page, path)
if page and string.find(page, "content=[\"']Drupal") then
return "Drupal detected. Found common traces on " .. page
end
end
},
MediaWiki = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']MediaWiki") or
string.find(response.body, "/mediawiki/") then
return "MediaWiki detected. Found common traces on /"
end
end
end,
consumingDetect = function(page, path)
if page and string.find(page, "content=[\"']MediaWiki") or
string.find(page, "/mediawiki/") then
return "MediaWiki detected. Found common traces on " .. page
end
end
},
ColdFusion = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
if response.cookies then
for _, c in pairs(response.cookies) do
if c.name == "cfid" or c.name == "cftoken" then
return "ColdFusion detected. Found " .. c.name .. " cookie."
end
end
end
end,
consumingDetect = function(page, path)
return
end
},
Broadvision = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
if response.cookies then
for _, c in pairs(response.cookies) do
if string.find(c.name, "bv_") then
return "Broadvision detected. Found " .. c.name .. " cookie."
end
end
end
end,
consumingDetect = function(page, path)
return
end
},
WebSphereCommerce = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
if response.cookies then
for _, c in pairs(response.cookies) do
if string.find(c.name, "wc_") then
return "WebSphere Commerce detected. Found " .. c.name .. " cookie."
end
end
end
end,
consumingDetect = function(page, path)
return
end
},
}
-- Check if the site gives that familiar Django admin login page.
local response = http.get(host, port, "/admin/")
if response.body then
if string.find(response.body, "Log in | Django site admin") or
string.find(response.body, "this_is_the_login_form") or
string.find(response.body, "csrfmiddlewaretoken") then
return "Django detected. Found Django admin login page on /admin/"
end
end
-- In Django, the cookie sessionid is being set when you log in
-- and forms will probably set a cookie called csrftoken.
if response.cookies then
for _, c in pairs(response.cookies) do
if c.name == "csrftoken" then
return "Django detected. Found sessionid cookie which means the contrib.auth package for authentication is enabled."
elseif c.name == "sessionid" then
return "Django detected. Found csrftoken cookie."
end
end
end
-- See if DEBUG mode still happens to be true.
response = http.get(host, port, "/random404page/")
if response.body then
if string.find(response.body, "<code>DEBUG = True</code>") then
return "Django detected. Found Django error page on /random404page/"
end
end
end,
consumingDetect = function(page, path)
if page then
if string.find(page, "csrfmiddlewaretoken") then
return "Django detected. Found csrfmiddlewaretoken on " .. path
end
if string.find(page, "id=\"id_") then
return "Django detected. Found id_ preffix in id attribute name on " .. path
end
if string.find(page, "%-TOTAL%-FORMS") or string.find(page, "%-DELETE") then
return "Django detected. Found -TOTAL-FORMS and -DELETE hidden inputs, which means there is a Django formset on " .. path
end
end
end
},
RubyOnRails = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
-- Check for Mongrel or Passenger in the "Server" or "X-Powered-By" header
for h, v in pairs(response.header) do
if h == "x-powered-by" or h == "server" then
local vl = v:lower()
local m = vl:match("mongrel") or vl:match("passenger")
if m then
return "RoR detected. Found '" .. m .. "' in " .. h .. " header sent by the server."
end
end
end
-- /rails/info/propertires shows project info when in development mode
response = http.get(host, port, "/rails/info/properties")
if response.body then
if string.find(response.body, "Ruby version") then
return "RoR detected. Found properties file on /rails/info/properties/"
end
end
-- Make up a bad path and match the error page
response = http.get(host, port, "/random404page/")
if response.body then
if string.find(response.body, "Routing Error") then
return "RoR detected. Found RoR routing error page on /random404page/"
end
end
end,
consumingDetect = function(page, path)
-- Check the source and look for csrf patterns.
if page then
if string.find(page, "csrf%-param") or string.find(page, "csrf%-token") then
return "RoR detected. Found csrf field on" .. path
end
end
end
},
ASPdotNET = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
-- Look for an ASP.NET header.
for h, v in pairs(response.header) do
local vl = v:lower()
if h == "x-aspnet-version" or string.find(vl, "asp") then
return "ASP.NET detected. Found related header."
end
end
if response.cookies then
for _, c in pairs(response.cookies) do
if c.name == "aspnetsessionid" then
return "ASP.NET detected. Found aspnetsessionid cookie."
end
end
end
end,
consumingDetect = function(page, path)
-- Check the source and look for common traces.
if page then
if string.find(page, " __VIEWSTATE") or
string.find(page, "__EVENT") or
string.find(page, "__doPostBack") or
string.find(page, "aspnetForm") or
string.find(page, "ctl00_") then
return "ASP.NET detected. Found common traces on" .. path
end
end
end
},
CodeIgniter = { rapidDetect = function(host, port)
-- Match default error page.
local response = http.get(host, port, "/random404page/")
if response.body then
if string.find(response.body, "#990000") and
string.find(response.body, "404 Page Not Found") then
return "CodeIgniter detected. Found CodeIgniter default error page on /random404page/"
end
end
end,
consumingDetect = function(page, path)
return
end
},
CakePHP = { rapidDetect = function(host, port)
-- Find CAKEPHP header.
local response = http.get(host, port, "/")
for h, v in pairs(response.header) do
local vl = v:lower()
if string.find(vl, "cakephp") then
return "CakePHP detected. Found related header."
end
end
end,
consumingDetect = function(page, path)
return
end
},
Symfony = { rapidDetect = function(host, port)
-- Find Symfony header.
local response = http.get(host, port, "/")
for h, v in pairs(response.header) do
local vl = v:lower()
if string.find(vl, "symfony") then
return "Symfony detected. Found related header."
end
end
end,
consumingDetect = function(page, path)
return
end
},
Wordpress = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']WordPress") or
string.find(response.body, "wp%-content") then
return "Wordpress detected. Found common traces on /"
end
end
-- Check if the default login page exists.
response = http.get(host, port, "/wp%-login")
if response.status == "200" then
return "Wordpress detected. Found WP login page on /wp-login"
end
end,
consumingDetect = function(page, path)
if page then
if string.find(page, "content=[\"']WordPress") or
string.find(page, "wp%-content") then
return "Wordpress detected. Found common traces on " .. page
end
end
end
},
Joomla = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']Joomla!") then
return "Joomla detected. Found common traces on /"
end
end
-- Check if the default login page exists.
response = http.get(host, port, "/administrator")
if response.body and string.find(response.body, "Joomla") then
return "Joomla detected. Found Joomla login page on /administrator/"
end
end,
consumingDetect = function(page, path)
if page and string.find(page, "content=[\"']Joomla!") then
return "Joomla detected. Found common traces on " .. page
end
end
},
Drupal = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']Drupal") then
return "Drupal detected. Found common traces on /"
end
end
end,
consumingDetect = function(page, path)
if page and string.find(page, "content=[\"']Drupal") then
return "Drupal detected. Found common traces on " .. page
end
end
},
MediaWiki = { rapidDetect = function(host, port)
-- Check for common traces in the source code.
local response = http.get(host, port, "/")
if response.body then
if string.find(response.body, "content=[\"']MediaWiki") or
string.find(response.body, "/mediawiki/") then
return "MediaWiki detected. Found common traces on /"
end
end
end,
consumingDetect = function(page, path)
if page and string.find(page, "content=[\"']MediaWiki") or
string.find(page, "/mediawiki/") then
return "MediaWiki detected. Found common traces on " .. page
end
end
},
ColdFusion = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
if response.cookies then
for _, c in pairs(response.cookies) do
if c.name == "cfid" or c.name == "cftoken" then
return "ColdFusion detected. Found " .. c.name .. " cookie."
end
end
end
end,
consumingDetect = function(page, path)
return
end
},
Broadvision = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
if response.cookies then
for _, c in pairs(response.cookies) do
if string.find(c.name, "bv_") then
return "Broadvision detected. Found " .. c.name .. " cookie."
end
end
end
end,
consumingDetect = function(page, path)
return
end
},
WebSphereCommerce = { rapidDetect = function(host, port)
local response = http.get(host, port, "/")
if response.cookies then
for _, c in pairs(response.cookies) do
if string.find(c.name, "wc_") then
return "WebSphere Commerce detected. Found " .. c.name .. " cookie."
end
end
end
end,
consumingDetect = function(page, path)
return
end
},
}