1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66
|
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# https://morningstarsecurity.com/research/whatweb
##
Plugin.define do
name "cPanel"
authors [
"Andrew Horton",
# v0.2 # removed :name and :certainty=>100.
"Brendan Coles <bcoles@gmail.com>", # v0.3 # Added version detection. Added OS detection..
# v0.4 # 2011-04-06 # Brendan Coles <bcoles@gmail.com> # Added /cgi-sys/defaultwebpage.cgi and /img-sys/header.jpg aggressive matches.
# v0.5 # 2011-08-04 # Andrew Horton # added default meta refresh page
]
version "0.5"
description "Site configuration and management software application. Supporting many operating systems while allowing endusers to control every aspect of their webhosting experience."
website "http://www.cpanel.net/"
# Google results as at 2012-04-11 #
# 899 for inurl:":2082/frontend" -demo
# 487 for inurl:":2095/webmail/x3"
# Dorks #
dorks [
'inurl:":2082/frontend" -demo',
'inurl:":2095/webmail/x3"'
]
# Matches #
matches [
# Welcome Page # Default title
{ :text=>"<title>cPanel®</title>" },
# Welcome Page # Default logo HTML
{ :text=>'<div id="footer_images"><img src="sys_cpanel/images/powered_by.gif" />' },
# Welcome Page # Default text
{ :text=>"Apache is working on your cPanel<sup>®</sup> and WHM™ Server" },
# Default meta refresh redirection webpage
{ :text=>'<html><head><META HTTP-EQUIV="refresh" CONTENT="0;URL=/cgi-sys/defaultwebpage.cgi"></head><body></body></html>'},
# Login Page # Default CSS
{ :regexp=>/<link rel="stylesheet" href="[^>^"]*\/unprotected\/cpanel\/style_optimized\.css" type="text\/css" \/>/ },
# Version Detection # Login page # Default title
{ :version=>/<title>cPanel®[\s]{0,2}([\d\.]+)<\/title>/ },
# Aggressive # /cgi-sys/defaultwebpage.cgi
{ :url=>"/cgi-sys/defaultwebpage.cgi", :text=>'<p class="troubleshoot">It may be possible to restore access to this site by <a href="http://www.cpanel.net/docs/dnscache/cleardns.html">following these instructions</a> for clearing your dns cache.</p>' },
# Aggressive # /img-sys/header.jpg
{ :url=>"/img-sys/header.jpg", :md5=>"b0f3863b68ff707c3fb586bd87b4f9c6" },
# Version Detection # HTTP Server header
{ :search=>"headers[server]", :version=>/^cpsrvd\/([\d\.]+)$/ },
]
end
|