1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
|
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
# Version 0.2 # 2011-08-02 # Brendan Coles <bcoles@gmail.com>
# Added example urls and X-Powered-By version+JBossWeb detection
##
Plugin.define "JBoss" do
author "Louis Nyffenegger"
version "0.2"
description "JBoss Application Server is the #1 most widely used Java application server on the market. A Java EE certified platform for developing and deploying enterprise Java applications, Web applications, and Portals, JBoss Application Server provides the full range of Java EE 5 features as well as extended enterprise services including clustering, caching, and persistence. - Homepaeg: http://www.jboss.org/jbossas/"
# ShodanHQ results as at 2011-08-02 #
# 26,691 for JBoss
# 10,169 for JBossWeb
# 68 for JBossAS
# Google results as at 2011-08-02 #
# 41 for intitle:"Welcome to JBoss AS"
# Dorks #
dorks [
'intitle:"Welcome to JBoss AS"'
]
# Matches #
matches [
# Default title from Jboss homepage
{ :name=>"Jboss default title",
:regexp=>/<title>Welcome to JBoss AS<\/title>/},
# Jboss Homepage contains a link to administration console
{ :name =>"link to Administration Console",
:certainty=>50,
:regexp=>/<a href=\"\/admin-console\/\">Administration Console<\/a>/},
# Jboss Homepage contains a link to web console
{ :name =>"link to Web Console",
:regexp=>/<a href=\"\/web-console\/\">Jboss Web Console<\/a>/},
# Jboss Homepage contains a link to JMX console
{ :name =>"link to JMX Console",
:regexp=>/<a href=\"\/jmx-console\/\">JMX Console<\/a>/}
]
# Passive #
def passive
m=[]
# Version Detection # X-Powered-By Header
if @headers["x-powered-by"] =~ /JBoss(AS)?-([^\/^\s]+)/
m << { :version=>"#{$2}" }
end
# Module Detection # JBossWeb
if @headers["x-powered-by"] =~ /(JBossWeb-[^\/^\s^,]+)/
m << { :module=>"#{$1}" }
end
# Return passive matches
m
end
end
|