Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: http-cakephp-version and new fingerprints for favicon-db and http-fingerprints
From: Fyodor <fyodor () insecure org>
Date: Tue, 17 May 2011 10:59:40 -0700

On Wed, May 04, 2011 at 03:29:54AM -0700, Paulino Calderon wrote:

     Here is my http-cakephp-version.nse, this script helps to 
determine the version of a CakePHP installation. CakePHP is a popular 
development framework for PHP that has been known to have security 
issues including a recent code execution vulnerability. For more 
information go to http://cakephp.org

    I'm also attaching .diff files with new fingerprint data for 
favicon-db and http-fingerprints.lua to identify CakePHP installations 
and possible versions.

Thanks Paulino.  The script looks great and it all seems to work in my
testing.  Here is what I get when scanning cakephp.org with "--script
http-cakephp-version,http-enum,http-favicon":

PORT     STATE SERVICE VERSION
80/tcp   open  http    nginx 0.7.67
|_http-favicon: Unknown favicon MD5: 35F05DCB27642D8D4D7861A6E02EE92D
| http-cakephp-version: Version of codebase: 1.1.x, 1.2.x
| Version of icons: 1.2.x
|_Version of stylesheet: n/a
| http-enum: 
|   /img/cake.icon.gif: CakePHP application
|   /js/vendors.php: CakePHP application
|_  /downloads/: Potentially interesting folder
8000/tcp open  http    CherryPy httpd 3.1.2
| http-cakephp-version: Version of codebase: 1.3.x
| Version of icons: n/a
|_Version of stylesheet: n/a

NOTES:

o I doesn't detect the favicon MD5 at http://cakephp.org/, which
  looks like a cakephp logo, but maybe it isn't one that is used
  for a release (see the MD5 checksum above).

o Regarding the lines like "Version of icons: n/a", it might be
  best to either remove these or describe more clearly what you
  mean by "n/a".  Could you not find the files?  Or maybe you found
  them but weren't able to match them to a CakePHP release?

o Once you take a quick look at these issues, please check it in.
  Since you are adding a new script, you need to also update the
  script DB.  This is pretty easy:
  1) Run ./nmap --script-updatedb
  2) Maybe do "svn diff scripts/script.db" and make sure there aren't
     any unanticipated changes from old/test scripts you might have
     laying around, etc.
  3) Check in the new scripts/script.db along with the script
     (including your favicon/http-enum patches in the same commit is
     fine too).

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault