File: viewvc.rb

package info (click to toggle)
whatweb 0.6.1-1
  • links: PTS
  • area: main
  • in suites: forky, sid
  • size: 23,948 kB
  • sloc: ruby: 43,493; sh: 213; makefile: 41
file content (70 lines) | stat: -rw-r--r-- 2,136 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
 
##
# This file is part of WhatWeb and may be subject to
# redistribution and commercial restrictions. Please see the WhatWeb
# web site for more information on licensing and terms of use.
# https://morningstarsecurity.com/research/whatweb
##
Plugin.define do
name "ViewVC"
authors [
  "Brendan Coles <bcoles@gmail.com>", # 2011-03-18
  # v0.2 # 2011-03-19 # Added local file path aggressive match. 
  # v0.3 # 2017-12-09 # Tidied regex
]
version "0.3"
description "ViewVC (formerly known as ViewCVS) is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions."
website "http://viewvc.org/"

# Google results as at 2011-03-19 #
# 288 for "Powered by viewvc"
# 107 for inurl:viewvc.cgi ext:cgi
#  99 for inurl:viewcvs.cgi ext:cgi

dorks [
'"Powered by ViewVC"'
]

# Matches #
matches [

# Title
{ :text => '<title>ViewVC Repository Listing</title>' },

# HTML Comment
{ :text => '<!-- ViewVC :: http://www.viewvc.org/ -->' },
{ :text => '<!-- ViewCVS -- http://viewcvs.sourceforge.net/' },

# Version Detection # Powered by link
{ :version => %r{Powered by <a href="http://(viewcvs.sourceforge.net|viewvc.tigris.org)/">(ViewCVS|ViewVC) ([^<]+)</a></td>}, :offset => 2 },

# Version Detection # Meta Generator
{ :version => /<meta name="generator" content="View(VC|CVS) ([^"]+)"/, :offset => 1 }

]

# Aggressive #
aggressive do
  m=[]

  random_fname = rand(36 ** 6).to_s(36)

  if @base_uri.path =~ %r{^(.*/(viewvc|viewcvs|viewvc\.cgi|viewcvs\.cgi))}i
    target_url = "#{$1}/*docroot*/" + random_fname
  end

  # Open application base url + "/*docroot*/" + random filename
  unless target_url.nil?
    target = URI.join(@base_uri.to_s, target_url).to_s
    status,url,ip,body,headers = open_target(target)

    # Extract local file path
    file_path = body.scan(/\(\[Errno 2\] No such file or directory: '([^']+)#{random_fname}'\)/).flatten.first
    unless file_path.nil?
      m << { :filepath => file_path }
    end
  end

  m
end

end