[NSE] Adds new fingerprints to http-default-accounts for Hikvision cameras and NUOO DVRs

CHANGELOG

@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Added two new fingerprints to http-default-accounts
+  (Hikvision DS-XXX Network Camera and NUOO DVR) [Paulino Calderon]
+
 o Add the --resolve-all option to resolve and scan all IP addresses of a host.
   This essentially replaces the resolveall NSE script. [Daniel Miller]
 

nselib/data/http-default-accounts-fingerprints.lua

@@ -1129,6 +1129,45 @@ table.insert(fingerprints, {
   end
 })
 
+table.insert(fingerprints, {
+  name = "Hikvision DS-XXX Network Camera",
+  category = "security",
+  paths = {
+    {path = "/PSIA/Custom/SelfExt/userCheck"},
+  },
+  target_check = function (host, port, path, response)
+    return response.header["server"] == "App-webs/"
+ 
+  end,
+  login_combos = {
+    {username = "admin", password = "12345"},
+  },
+  login_check = function (host, port, path, user, pass)
+    return try_http_basic_login(host, port, path, user, pass, false)
+  end
+})
+
+table.insert(fingerprints, {
+  name = "NUOO DVR",
+  category = "security",
+  paths = {
+    {path = "/"},
+  },
+  target_check = function (host, port, path, response)
+    return response.header['server'] and response.header["server"]:find("lighttpd") 
+      and response.body and response.body:lower():find("<title>network video recorder login</title>")
+  end,
+  login_combos = {
+    {username = "admin", password = "admin"},
+  },
+  login_check = function (host, port, path, user, pass)
+    local resp = http_post_simple(host, port,
+                                 url.absolute(path, "login.php"), nil,
+                                 {language="en", user=user, pass=pass,submit="Login"})
+    if resp.status == 302 and not(resp.body:find("loginfail")) then return true end
+  end
+})
+
 ---
 --Industrial systems
 ---