1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
Plugin.define "CrushFTP" do
author "Brendan Coles <bcoles@gmail.com>" # 2011-04-02
version "0.1"
description "A full-scale FTP server by Ben Spink written in Java using the SWING user interface libraries. [Mac OS/Windows/Linux] - Homepage: http://www.crushftp.com/"
# ShodanHQ results as at 2011-04-02 #
# 33 for CrushFTP
# Examples #
examples %w|
82.99.15.25
71.133.56.102
64.2.2.94
75.147.226.217
70.164.23.115
128.173.188.208
64.198.86.195
198.184.211.28
38.117.244.35
209.207.125.1
213.249.154.9
81.171.226.153
93.166.236.142
194.78.228.99
174.34.65.210
94.101.216.242
202.20.7.10
63.116.168.54
95.97.13.234
|
# Matches #
matches [
# JavaScript
{ :certainty=>25, :text=>'<script type="text/javascript" src="crushftp_functions.js"></script>' },
]
# Passive #
def passive
m=[]
# HTTP Server header
if @headers["server"] =~ /^CrushFTP (HTTP[\d]? Server )?Version ([\d\.]+)$/
# Version Detection # HTTP Server
m << { :version=>@headers["server"].scan(/^CrushFTP (HTTP[\d]? Server )?Version ([\d\.]+)$/)[0][1] } if @headers["server"] =~ /^CrushFTP (HTTP[\d]? Server )?Version ([\d\.]+)$/
# Account Detection # X-dmUser
m << { :account=>@headers["x-dmuser"] } unless @headers["x-dmuser"].nil?
end
# CrushAuth Cookie
m << { :name=>"CrushAuth Cookie" } if @headers["set-cookie"] =~ /^CrushAuth=/
# WWW-Authenticate
m << { :version=>@headers["www-authenticate"].scan(/^Basic realm="CrushFTP Server Version ([\d\.]+)"$/) } if @headers["www-authenticate"] =~ /^Basic realm="CrushFTP Server Version ([\d\.]+)"$/
# Return passive matches
m
end
end
|
