Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: http-cakephp-version and new fingerprints for favicon-db and http-fingerprints
From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 20 May 2011 04:34:11 -0700

On 05/17/2011 10:59 AM, Fyodor wrote:
On Wed, May 04, 2011 at 03:29:54AM -0700, Paulino Calderon wrote:
      Here is my http-cakephp-version.nse, this script helps to
determine the version of a CakePHP installation. CakePHP is a popular
development framework for PHP that has been known to have security
issues including a recent code execution vulnerability. For more
information go to http://cakephp.org

     I'm also attaching .diff files with new fingerprint data for
favicon-db and http-fingerprints.lua to identify CakePHP installations
and possible versions.
Thanks Paulino.  The script looks great and it all seems to work in my
testing.  Here is what I get when scanning cakephp.org with "--script
http-cakephp-version,http-enum,http-favicon":

PORT     STATE SERVICE VERSION
80/tcp   open  http    nginx 0.7.67
|_http-favicon: Unknown favicon MD5: 35F05DCB27642D8D4D7861A6E02EE92D
| http-cakephp-version: Version of codebase: 1.1.x, 1.2.x
| Version of icons: 1.2.x
|_Version of stylesheet: n/a
| http-enum:
|   /img/cake.icon.gif: CakePHP application
|   /js/vendors.php: CakePHP application
|_  /downloads/: Potentially interesting folder
8000/tcp open  http    CherryPy httpd 3.1.2
| http-cakephp-version: Version of codebase: 1.3.x
| Version of icons: n/a
|_Version of stylesheet: n/a

NOTES:

o I doesn't detect the favicon MD5 at http://cakephp.org/, which
   looks like a cakephp logo, but maybe it isn't one that is used
   for a release (see the MD5 checksum above).

o Regarding the lines like "Version of icons: n/a", it might be
   best to either remove these or describe more clearly what you
   mean by "n/a".  Could you not find the files?  Or maybe you found
   them but weren't able to match them to a CakePHP release?

o Once you take a quick look at these issues, please check it in.
   Since you are adding a new script, you need to also update the
   script DB.  This is pretty easy:
   1) Run ./nmap --script-updatedb
   2) Maybe do "svn diff scripts/script.db" and make sure there aren't
      any unanticipated changes from old/test scripts you might have
      laying around, etc.
   3) Check in the new scripts/script.db along with the script
      (including your favicon/http-enum patches in the same commit is
      fine too).

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Revised and commited as r23208 and r23209.

Cheers.

--
Paulino Calderón Pale
Web: http://calderonpale.com
Twitter: @paulinocaIderon

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault