[Openvas-commits] r3153 - in trunk/openvas-plugins: . scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue Apr 21 21:43:15 CEST 2009 

Author: edjenguele
Date: 2009-04-21 21:43:12 +0200 (Tue, 21 Apr 2009)
New Revision: 3153

Modified:
   trunk/openvas-plugins/ChangeLog
   trunk/openvas-plugins/scripts/remote-detect-ApacheOfbiz.nasl
Log:
Added Apache OFBiz version detection,
used HTTP/1.1 instead of HTTP/1.0


Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-04-21 13:01:32 UTC (rev 3152)
+++ trunk/openvas-plugins/ChangeLog	2009-04-21 19:43:12 UTC (rev 3153)
@@ -1,17 +1,21 @@
-2009-04-15 Thomas Reinke <reinke at securityspace.com>
-	* fcore_2009_3692.nasl fcore_2009_3700.nasl fcore_2009_3709.nasl
-	fcore_2009_3710.nasl fcore_2009_3711.nasl fcore_2009_3712.nasl
-	fcore_2009_3720.nasl fcore_2009_3740.nasl RHSA_2009_0427.nasl
-	RHSA_2009_0428.nasl RHSA_2009_0429.nasl RHSA_2009_0430.nasl
-	RHSA_2009_0431.nasl suse_sa_2009_020.nasl suse_sa_2009_021.nasl
-	suse_sa_2009_022.nasl suse_sa_2009_023.nasl ubuntu_757_1.nasl
-	ubuntu_758_1.nasl ubuntu_759_1.nasl ubuntu_760_1.nasl
-	glsa_200904_13.nasl glsa_200904_14.nasl glsa_200904_15.nasl
-	glsa_200904_16.nasl glsa_200904_17.nasl glsa_200904_18.nasl
-	glsa_200904_19.nasl freebsd_ejabberd.nasl freebsd_freetype22.nasl
-	freebsd_phpMyAdmin18.nasl freebsd_poppler0.nasl freebsd_xpdf3.nasl
-	freebsd_ziproxy.nasl deb_1771_1.nasl deb_1772_1.nasl deb_1773_1.nasl
-	deb_1774_1.nasl
+2009-04-21 Christian Eric Edjenguele <christian.edjenguele at owasp.org>
+	* script/remote-detect-ApacheOfbiz.nasl:
+	Modified added version detection
+
+2009-04-20 Thomas Reinke <reinke at securityspace.com>
+	* fcore_2009_3692.nasl fcore_2009_3700.nasl fcore_2009_3709.nasl,
+	fcore_2009_3710.nasl fcore_2009_3711.nasl fcore_2009_3712.nasl,
+	fcore_2009_3720.nasl fcore_2009_3740.nasl RHSA_2009_0427.nasl,
+	RHSA_2009_0428.nasl RHSA_2009_0429.nasl RHSA_2009_0430.nasl,
+	RHSA_2009_0431.nasl suse_sa_2009_020.nasl suse_sa_2009_021.nasl,
+	suse_sa_2009_022.nasl suse_sa_2009_023.nasl ubuntu_757_1.nasl,
+	ubuntu_758_1.nasl ubuntu_759_1.nasl ubuntu_760_1.nasl,
+	glsa_200904_13.nasl glsa_200904_14.nasl glsa_200904_15.nasl,
+	glsa_200904_16.nasl glsa_200904_17.nasl glsa_200904_18.nasl,
+	glsa_200904_19.nasl freebsd_ejabberd.nasl freebsd_freetype22.nasl,
+	freebsd_phpMyAdmin18.nasl freebsd_poppler0.nasl freebsd_xpdf3.nasl,
+	freebsd_ziproxy.nasl deb_1771_1.nasl deb_1772_1.nasl deb_1773_1.nasl,
+	deb_1774_1.nasl:
 	New Scripts
 
 2009-04-20 Christian Eric Edjenguele <christian.edjenguele at owasp.org>

Modified: trunk/openvas-plugins/scripts/remote-detect-ApacheOfbiz.nasl
===================================================================
--- trunk/openvas-plugins/scripts/remote-detect-ApacheOfbiz.nasl	2009-04-21 13:01:32 UTC (rev 3152)
+++ trunk/openvas-plugins/scripts/remote-detect-ApacheOfbiz.nasl	2009-04-21 19:43:12 UTC (rev 3153)
@@ -72,32 +72,38 @@
 
 port = 8443;
 
-# Additional modules are also available
+# TODO: test additional modules 
 modules = make_list('accounting/control/main','partymgr/control/main','webtools/control/main','ordermgr/control/main');
 report = '';
-response = '';
 
 foreach module (modules){
-	request = string("GET /", module, " HTTP/1.0\r\n","Host: ", get_host_name(), "\r\n\r\n");
+	request = string("GET /", module, " HTTP/1.1\r\n","Host: ", get_host_name(), "\r\n\r\n");
 
 	reply = https_req_get(port, request);
 
-	response = tolower(reply);
 
-	servletContainer = eregmatch(pattern:"Server: Apache-Coyote/([0-9.]+)",string:response, icase:TRUE);
-	ofbizTitlePattern = eregmatch(pattern:"<title>([a-zA-Z: ]+)</title>",string:response, icase:TRUE);
-	# TODO: also grab ofbiz version
+	if(reply){
+		response = tolower(reply);
 
-	if(ofbizTitlePattern){
-		if('ofbiz' >< ofbizTitlePattern[1]){
-			report += "Detected Apache Open For Business Module[" + ofbizTitlePattern[1] +"]";
-			replace_or_set_kb_item(name:"ApacheOFBiz/installed", value:TRUE);
-			# TODO: set ofbiz version
+		servletContainer = eregmatch(pattern:"Server: Apache-Coyote/([0-9.]+)",string:response, icase:TRUE);
+		ofbizTitlePattern = eregmatch(pattern:"<title>([a-zA-Z: ]+)</title>",string:response, icase:TRUE);
+		vendor = eregmatch(pattern:'powered by <a href="http://ofbiz.apache.org" target="_blank">([a-zA-Z ]+) ([0-9.]+)',string:response, icase:TRUE);
 
-			if((servletContainer)){
-				replace_or_set_kb_item(name:"ApacheCoyote/installed", value:TRUE);
-				replace_or_set_kb_item(name:"ApacheCoyote/version", value:servletContainer[1]);
-				report += "\n" + servletContainer[0];
+		if(ofbizTitlePattern){
+			if('ofbiz' >< ofbizTitlePattern[1]){
+				report += " Detected Apache Open For Business Module[" + ofbizTitlePattern[1] +"] ";
+				replace_or_set_kb_item(name:"ApacheOFBiz/installed", value:TRUE);
+				
+				if(vendor){
+					report += "\n Detected " + vendor[1] + " " + vendor[2];
+					replace_or_set_kb_item(name:"ApacheOFBiz/version", value:vendor[2]);
+				}
+
+				if((servletContainer)){
+					replace_or_set_kb_item(name:"ApacheCoyote/installed", value:TRUE);
+					replace_or_set_kb_item(name:"ApacheCoyote/version", value:servletContainer[1]);
+					report += "\n " + servletContainer[0];
+				}
 			}
 		}
 	}

More information about the Openvas-commits mailing list