File: movable_type.rb

package info (click to toggle)
whatweb 0.4.9-2
  • links: PTS
  • area: main
  • in suites: buster
  • size: 21,188 kB
  • sloc: ruby: 33,652; sh: 614; makefile: 42
file content (97 lines) | stat: -rw-r--r-- 2,701 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
 
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# http://www.morningstarsecurity.com/research/whatweb
##
# Version 0.4 # 2011-07-07 # Brendan Coles <bcoles@gmail.com>
# updated regex
# added example urls, google dorks and version/path detection with mt-check.cgi
##
# Version 0.3
# Uses :version=>//
##
# Version 0.2
# remove :certainty
##

Plugin.define "Movable-Type" do
author "Andrew Horton"
version "0.4"
description "Blogging platform"
website "http://www.movabletype.org/"

# Google results as at 2011-07-07 #
# 122 for "Powered by Movable Type"
#  89 for inurl:/mt-check.cgi intitle:"Movable Type System Check [mt-check.cgi]"
#  26 for inurl:/mt/mt-check.cgi

# More examples:
# www.movabletype.com/showcase/

# Dorks #
dorks [
'"Powered by Movable Type"',
'inurl:/mt-check.cgi intitle:"Movable Type System Check [mt-check.cgi]"'
]



# Matches #
matches [

# javascript with 'mt' in the filename
{:name=>"javascript with 'mt' in the name",
:certainty=>50, :regexp=>/<script type="text\/javascript" src="[^"]+mt(-site)?\.js"><\/script>/},

# mt-tags|mt-tb|mt-cp|mt-search|mt-user-login|mt-recommend cgi
{:name=>"mt-tags|mt-tb|mt-cp|mt-search|mt-user-login|mt-recommend cgi",
:certainty=>75,
:regexp=>/"[^"]+\/mt-(tags|tb|cp|search|user-login|recommend)\.[f]?cgi[^"]*"/},

# Meta Generator
{:name=>"meta generator tag", :regexp=>/<meta name="generator" content="http:\/\/www\.movabletype\.org\/" \/>/},

# mt-check.cgi # Title
{ :text=>'<title>Movable Type System Check [mt-check.cgi]</title>' },

# Version Detection # mt-check.cgi
{ :version=>/<li><strong>Movable Type version:<\/strong> <code>([^<]+)<\/code><\/li>/ },

# Local Path Detection # mt-check.cgi
{ :filepath=>/<li><strong>Current working directory:<\/strong> <code>([^<]+)<\/code><\/li>/ },

# Powered by link
{:name=>"Powered by link", :regexp=>/<a href="http:\/\/sixapart\.com">Powered by Movable Type<\/a>/},
{:name=>"Powered by link", :regexp=>/Powered by <a href="http:\/\/www\.movabletype\.com\/"[^>]*>Movable Type<\/a>/ },

# Version Detection # Meta Generator
{:version=>/<meta name="generator" content="Movable Type ([^"]*)/,  :name=>"meta generator tag" } 

] 

end

=begin

# An aggressive plugin could check the following paths for confirmation:

# /mt or /mt/mt-check.cgi (discloses versions, paths)
# /mt/mt-tags.fcgi
# /mt-tb.fcgi
# /mt-cp.[f]?cgi
# /mt-search.cgi
# /mt-user-login.cgi
# /mt-recommend.cgi

# can't detect:
barackobama.com
blogs.oracle.com
electricartists.com/corporate
muledesign.com
www.radaronline.com
www.theatlantic.com
www.thehuffingtonpost.com

=end