1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
Plugin.define "ClientExec" do
author "Brendan Coles <bcoles@gmail.com>" # 2011-05-23
version "0.1"
description "ClientExec is a comprehensive and flexible web hosting billing solution designed for customer billing, helpdesk, e-mail and (team) management and communication. ClientExec was conceived and built with small to mid-sized hosting companies in mind."
website "http://www.clientexec.com/"
# ShodanHQ results as at 2011-05-23 #
# 74 for CLIENTEXEC
# 33 for fuse=newedge
# Google results as at 2011-05-23 #
# 254 for intitle:"Support Center - Powered By ClientExec"
# Dorks #
dorks [
'intitle:"Support Center - Powered By ClientExec"'
]
# Matches #
matches [
# HTML Comment
{ :text=>'<!-- These should not have debug at the end for production -->' },
# Default Title
{ :text=>'<title>Support Center - Powered By ClientExec</title>' },
# Login Form HTML
{ :text=>'<form action="index.php?fuse=admin&action=Login&public=1" method="post"' },
# Theme Detection
{ :module=>/<img class="logo" src="templates\/([^\/]+)\/images\/public\/caption_photo\.jpg" alt="clientexec" \/>/ },
]
# Passive #
def passive
m=[]
# CLIENTEXEC Cookie
if @headers["set-cookie"] =~ /CLIENTEXEC=[a-z\d]{26,32}; path=\//
m << { :name=>"CLIENTEXEC Cookie" }
# Unauthorized Version Installed
if @body =~ /^Cannot access EnterLicense view directly$/
m << { :string=>"Unauthorized Version" }
end
end
# Return passive matches
m
end
end
|
