File: zoneminder.rb

package info (click to toggle)
whatweb 0.4.8~git20161009-1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 8,588 kB
  • ctags: 540
  • sloc: ruby: 33,376; sh: 612; makefile: 42
file content (66 lines) | stat: -rw-r--r-- 2,269 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
Plugin.define "ZoneMinder" do
author "Brendan Coles <bcoles@gmail.com>" # 2011-08-01
version "0.1"
description "Linux video camera security and surveillance solution - Web interface - Requires MySQL and PHP"
website "http://www.zoneminder.com/"

# ShodanHQ results as at 2013-01-22 #
# 1,020 for ZMSESSID

# Google results as at 2011-08-01 #
# 371 for "ZoneMinder Login" +Username +Password
#  18 for "ZoneMinder Console - Running" intitle:Console inurl:view=console

# Dorks #
dorks [
'"ZoneMinder Console - Running" intitle:Console inurl:view=console',
'"ZoneMinder Login" "Username" "Password" intitle:Login'
]



# Matches #
matches [

# favicon # /graphics/favicon.ico
{ :md5=>"e07c0775523271d629035dc8921dffc7", :url=>"/graphics/favicon.ico" },

# ZoneMinder Login Heading
{ :text=>'<tr><td colspan="2" class="smallhead" align="center">ZoneMinder Login</td></tr>' },

# Detect number of monitors
{ :string=>/<div id="monitorSummary"><a href="\?view=groups" onclick="createPopup\( '\?view=groups', 'zmGroups', 'groups' \); return\( false \);">([\d]+ Monitors)<\/a><\/div>/ },
{ :string=>/<a href="javascript: newWindow\( '\/index\.php\?view=groups', 'zmGroups', 400, 220 \);">([\d]+ Monitors)<\/a>/ },

# Version Detection
{ :version=>/Running<\/a> - <a href="\?view=version" onclick="createPopup\( '\?view=version', 'zmVersion', 'version' \); return\( false \);">v([^<^\s]+)<\/a><\/h2>/ },
{ :version=>/Running<\/a> - <a href="javascript: newWindow\( '\/index\.php\?view=version', 'zmVersion', 320, 140 \);">v([^<^\s]+)<\/a>/ },
{ :search=>"headers[server]", :version=>/^ZoneMinder Video Server\/([^\s]+)$/ },

# ZMSESSID Cookie
{ :search=>"headers[set-cookie]", :regexp=>/ZMSESSID=[^;]+/ },

]

# Passive #
def passive
	m=[]

	# Combined Match # h1 Heading and Password field
	if @body =~ /<h1>ZoneMinder Login<\/h1>/ and @body =~ /<td class="colRight"><input type="password" name="password" value="" size="12"\/><\/td>/

		m << { :name=>"h1 Heading and Password field" }

	end

	# Return passive matches
	m
end
end