From 859e35bc2ed9182c2a78d130c2ec596005235d5c Mon Sep 17 00:00:00 2001
From: paulino <paulino@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 4 Oct 2011 07:46:16 +0000
Subject: [PATCH] Adds entry for Easy Hosting Control Panel. There are a lot of
 vulnerable installations and an auth bypass vulnerability:
 http://www.1337day.com/exploits/17010

---
 nselib/data/http-fingerprints.lua | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/nselib/data/http-fingerprints.lua b/nselib/data/http-fingerprints.lua
index 907dbb0bc..1bbd77a7f 100644
--- a/nselib/data/http-fingerprints.lua
+++ b/nselib/data/http-fingerprints.lua
@@ -1232,6 +1232,21 @@ table.insert(fingerprints, {
 	}
 })
 
+table.insert(fingerprints, {
+	category='general',
+	probes={
+		{path='/ehcp/?op=applyforftpaccount', method='GET'},
+                {path='/ehcp/?op=applyforaccount', method='GET'},
+		{path='/ehcp/?op=applyfordomainaccount', method='GET'},
+                {path='/vhosts/ehcp/?op=applyforftpaccount', method='GET'},
+                {path='/vhosts/ehcp/?op=applyforaccount', method='GET'},
+		{path='/vhosts/ehcp/?op=applyfordomainaccount', method='GET'},
+	},
+	matches= {
+		{match='', output='Easy Hosting Control Panel'}
+	}
+})
+
 table.insert(fingerprints, {
 	category='general',
 	probes={