PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-18 05:29:02 +00:00
Code Issues Projects Releases Wiki Activity

Adds a more meaningful target_check to the fingerprint for Apache Axis2

Browse Source
This commit is contained in:
nnposter
2016-08-19 18:50:23 +00:00
parent 0aefe63c2b
commit cc996985f8
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
nselib/data/http-default-accounts-fingerprints.lua
View File

@@ -193,6 +193,7 @@ table.insert(fingerprints, {
}) })
table.insert(fingerprints, { table.insert(fingerprints, {
-- Version 1.4.1, 1.5.2, 1.5.3, 1.6.0, 1.6.1
name = "Apache Axis2", name = "Apache Axis2",
category = "web", category = "web",
paths = { paths = {
@@ -200,12 +201,16 @@ table.insert(fingerprints, {
}, },
target_check = function (host, port, path, response) target_check = function (host, port, path, response)
return response.status == 200 return response.status == 200
and response.body
and response.body:lower():find("<title>login to axis2 :: administration page</title>", 1, true)
end, end,
login_combos = { login_combos = {
{username = "admin", password = "axis2"} {username = "admin", password = "axis2"}
}, },
login_check = function (host, port, path, user, pass) login_check = function (host, port, path, user, pass)
return try_http_post_login(host, port, path, "login", "Invalid auth credentials!", {submit="+Login+", userName=user, password=pass}) return try_http_post_login(host, port, path, "login",
"Invalid auth credentials!",
{submit="+Login+", userName=user, password=pass})
end end
}) })