File: fastcgi-echo.rb

package info (click to toggle)
whatweb 0.4.8~git20161009-1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 8,588 kB
  • ctags: 540
  • sloc: ruby: 33,376; sh: 612; makefile: 42
file content (39 lines) | stat: -rw-r--r-- 1,296 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
Plugin.define "FastCGI-echo" do
author "Brendan Coles <bcoles@gmail.com>" # 2010-10-10
version "0.1"
description "Many Oracle web server installations have a fcgi-bin/echo script left over from default demo (google for inurl:fcgi-bin/echo). This file should have been removed as per: http://download.oracle.com/docs/cd/B14099_19/core.1012/b13999/checklist.htm#BABIBCIC"
# Vulnerable to XSS: /fcgi-bin/echo?<script>alert(1)</script>

# Google results as at 2010-10-10 #
# 247 for inurl:fcgi-bin/echo intitle:"FastCGI echo"
# 53  for inurl:fcgi-bin/echo intitle:"FastCGI echo" inurl:.gov
# 46  for inurl:fcgi-bin/echo intitle:"FastCGI echo" inurl:.edu

# Dorks #
dorks [
'inurl:fcgi-bin/echo intitle:"FastCGI echo"'
]



matches [

{ :text=>'SCRIPT_NAME=/fcgi-bin/echo' },
{ :text=>'<title>FastCGI echo</title><h1>FastCGI echo</h1>' },
{ :text=>'REQUEST_URI=/fcgi-bin/echo' },

# Version detection
{ :version=>/HTTP_ORACLE_CACHE_VERSION=([\d\.]+)/ },
{ :version=>/SERVER_SOFTWARE=([^\n]+)/ },
{ :version=>/SERVER_SIGNATURE=<ADDRESS>([^<]+)/ },

]

end