1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65
|
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
Plugin.define "ClientExec" do
author "Brendan Coles <bcoles@gmail.com>" # 2011-05-23
version "0.1"
description "ClientExec is a comprehensive and flexible web hosting billing solution designed for customer billing, helpdesk, e-mail and (team) management and communication. ClientExec was conceived and built with small to mid-sized hosting companies in mind."
website "http://www.clientexec.com/"
# ShodanHQ results as at 2011-05-23 #
# 74 for CLIENTEXEC
# 33 for fuse=newedge
# Google results as at 2011-05-23 #
# 254 for intitle:"Support Center - Powered By ClientExec"
# Dorks #
dorks [
'intitle:"Support Center - Powered By ClientExec"'
]
# Matches #
matches [
# HTML Comment
{ :text=>'<!-- These should not have debug at the end for production -->' },
# Default Title
{ :text=>'<title>Support Center - Powered By ClientExec</title>' },
# Login Form HTML
{ :text=>'<form action="index.php?fuse=admin&action=Login&public=1" method="post"' },
# Theme Detection
{ :module=>/<img class="logo" src="templates\/([^\/]+)\/images\/public\/caption_photo\.jpg" alt="clientexec" \/>/ },
]
# Passive #
def passive
m=[]
# CLIENTEXEC Cookie
if @headers["set-cookie"] =~ /CLIENTEXEC=[a-z\d]{26,32}; path=\//
m << { :name=>"CLIENTEXEC Cookie" }
# Unauthorized Version Installed
if @body =~ /^Cannot access EnterLicense view directly$/
m << { :string=>"Unauthorized Version" }
end
end
# Return passive matches
m
end
end
|