File: nikto_multiple_index.plugin

package info (click to toggle)
nikto 1%3A2.1.4-2
  • links: PTS, VCS
  • area: non-free
  • in suites: wheezy
  • size: 2,276 kB
  • sloc: perl: 4,328; makefile: 11
file content (89 lines) | stat: -rw-r--r-- 3,067 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
 
#VERSION,2.02
# $Id: nikto_multiple_index.plugin 632 2011-02-19 02:49:31Z sullo $
###############################################################################
#  Copyright (C) 2004 CIRT, Inc.
#
#  This program is free software; you can redistribute it and/or
#  modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; version 2
#  of the License only.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
###############################################################################
# PURPOSE:
# Look for multiple unique index files
###############################################################################
sub nikto_multiple_index_init {
    my $id = { name        => "mutiple_index",
               full_name   => "Multiple Index",
               author      => "deity",
               description => "Checks for multiple index files",
               hooks       => { scan => { method => \&nikto_multiple_index, }, },
               copyright   => "2009 CIRT Inc"
               };

    return $id;
}

sub nikto_multiple_index {
    my ($mark) = @_;
    my $dbarray = init_db("db_multiple_index");
    my ($found, $hashes);
    foreach my $item (@$dbarray) {
        return if $mark->{'terminate'};

        # Use nfetch to minimise extra code
        # First we need to mangle the host.
        my ($res, $content) =
          nfetch($mark, "/$item->{'index'}", "GET", "", "", "", "multiple_index");

        if ($res == 200) {
            $content = rm_active_content($content, "/$item->{'index'}");
            my $hash = LW2::md4($content);
            $found{ $item->{'index'} } = $hash;
            $hashes{$hash}++;
        }

    }    # End foreach

    if (keys(%found) > 1) {

        # make sure we have unique pages
        $total_unique = 0;
        foreach my $hash (keys %hashes) {
            if ($hashes{$hash} eq 1) {
                $total_unique++;
            }
        }

        # one unique hash... bogus responses
        if ($total_unique <= 1) {
            return;
        }

        my $tempstring;
        foreach my $f (keys %found) { $tempstring .= "$f, "; }
        $tempstring =~ s/,$//;

        # some unique... report slightly differently
        if ($total_unique < keys(%found)) {
            add_vulnerability($mark,
                      "Multiple index files found (note, these may not all be unique): $tempstring",
                      740000, 0);
        }

        # all unique... report
        if ($total_unique eq keys(%found)) {
            add_vulnerability($mark, "Multiple index files found: $tempstring", 740000, 0);
        }
    }
}

1;