RubyGems - intrigue-ident - Versions diffs - 0.48 → 0.49 - Mend

intrigue-ident 0.48 → 0.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

data/lib/checks/chef.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module Check
             :version => nil,
             :match_type => :content_body,
             :match_content =>  /<title>Chef Server<\/title>/,
-            :dynamic_version => lambda{|x| x["details"]["hidden_response_data"].scan(/Version\ (.*)\ &mdash;/)[0].first },
+            :dynamic_version => lambda{|x| _first_body_capture(/Version\ (.*)\ &mdash;/) },
             :paths => ["#{url}"]
           },
           {

data/lib/checks/cisco.rb CHANGED Viewed

@@ -25,8 +25,10 @@ module Check
             :tags => ["tech:vpn"],
             :version => nil,
             :match_type => :content_body,
-            :match_content =>  /document.location.replace\(\"\/\+CSCOE\+\/logon.html\"\)/,
-            :examples => ["https://12.237.144.250:443", "http://12.150.243.178:80"],
+            :match_content => /document.location.replace\(\"\/\+CSCOE\+\/logon.html\"\)/,
+            :examples => [
+              "https://12.237.144.250:443",
+              "http://12.150.243.178:80"],
             :hide => false,
             :paths => ["#{url}"]
           },

data/lib/checks/citrix.rb CHANGED Viewed

@@ -16,7 +16,20 @@ module Check
             :match_content =>  /<title>Netscaler Gateway/,
             :hide => false,
             :paths => ["#{url}"]
+          },
+          {
+            :type => "application",
+            :vendor => "Citrix",
+            :product => "Netscaler Gateway",
+            :match_details => "(often) customized logon page - netscaler gateway",
+            :tags => ["tech:vpn"],
+            :version => nil,
+            :match_type => :content_body,
+            :match_content => /CTXMSAM_LogonFont/,
+            :hide => false,
+            :paths => ["#{url}"]
           }
         ]
       end

data/lib/checks/cloudflare.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Check
       def generate_checks(url)
         [
           {
-            :type => "application",
+            :type => "service",
             :vendor => "Cloudflare",
             :product =>"CDN",
             :version => nil,
@@ -16,7 +16,7 @@ module Check
             :paths => ["#{url}"]
           },
           {
-            :type => "application",
+            :type => "service",
             :vendor => "Cloudflare",
             :product =>"CDN",
             :version => nil,
@@ -26,7 +26,7 @@ module Check
             :paths => ["#{url}"]
           },
           {
-            :type => "application",
+            :type => "service",
             :vendor => "Cloudflare",
             :product =>"CDN",
             :tags => ["error_page"],
@@ -38,7 +38,7 @@ module Check
             :paths => ["#{url}"]
           },
           {
-            :type => "application",
+            :type => "service",
             :vendor => "Cloudflare",
             :product =>"CDN",
             :match_details =>"Cloudflare Error",
@@ -50,7 +50,7 @@ module Check
             :paths => ["#{url}"]
           },
           {
-            :type => "application",
+            :type => "service",
             :vendor => "Cloudflare",
             :product =>"CDN",
             :match_details =>"Cloudfront Error - Direct IP Access",

data/lib/checks/drupal.rb CHANGED Viewed

@@ -14,11 +14,24 @@ module Check
             :match_type => :content_body,
             :match_content =>  /Drupal/,
             :dynamic_version => lambda { |x|
-              version = x["details"]["hidden_response_data"].scan(/^(Drupal.*)[ ,<\.].*$/)[0]
-              return version.first.gsub("Drupal ","").gsub(",","").chomp if version
+              _first_body_capture(x,/^(Drupal.*)[ ,<\.].*$/,["Drupal ",","])
             },
             :paths => ["#{url}/CHANGELOG.txt"]
+          },
+          {
+            :type => "application",
+            :vendor => "Drupal",
+            :product => "Drupal",
+            :match_details => "Drupal headers",
+            :version => nil,
+            :match_type => :content_headers,
+            :match_content =>  /x-drupal-cache:/,
+            :dynamic_version => lambda { |x|
+              _first_header_capture(x,/x-generator: Drupal\ ([0-9]+)\ \(https:\/\/www.drupal.org\)/i,)
+            },
+            :paths => ["#{url}"]
           }
         ]
       end

data/lib/checks/f5.rb CHANGED Viewed

@@ -10,10 +10,23 @@ module Check
             :vendor => "F5",
             :product =>"BIG-IP APM",
             :match_details =>"F5 BIG-IP APM",
-            :tags => ["tech:vpn"],
+            :tags => ["tech:load_balancer"],
             :version => nil,
             :match_type => :content_cookies,
-            :match_content =>  /MRHSession/,
+            :match_content => /MRHSession/,
+            :hide => false,
+            :paths => ["#{url}"]
+          },
+          {
+            :type => "hardware",
+            :vendor => "F5",
+            :product =>"BIG-IP",
+            :match_details =>"F5 BIG-IP Load balancer cookie",
+            :tags => ["tech:load_balancer"],
+            :version => nil,
+            :match_type => :content_cookies,
+            :match_content =>  /BIGipServer/,
+            :examples => ["https://reset.oxy.com:443"],
             :hide => false,
             :paths => ["#{url}"]
           }

data/lib/checks/fastly.rb CHANGED Viewed

@@ -6,11 +6,11 @@ module Check
       def generate_checks(url)
         [
           {
-            :type => "application",
+            :type => "service",
             :vendor =>"Fastly",
             :product =>"Fastly",
             :match_details =>"",
-            :version => "",
+            :version => nil,
             :match_type => :content_headers,
             :match_content =>  /x-fastly-backend-reqs/i,
             :paths => ["#{url}"]

data/lib/checks/groovy.rb ADDED Viewed

@@ -0,0 +1,24 @@
+module Intrigue
+module Ident
+module Check
+    class Groovy < Intrigue::Ident::Check::Base
+      def generate_checks(url)
+        [
+          {
+            :type => "application",
+            :vendor => "Groovy",
+            :product =>"Groovy",
+            :match_details =>"Groovy error page",
+            :match_type => :content_body,
+            :version => nil,
+            :match_content =>  /Error processing GroovyPageView:/i,
+            :paths => ["#{url}"]
+          }
+        ]
+      end
+    end
+  end
+  end
+  end

data/lib/checks/heroku.rb CHANGED Viewed

@@ -6,7 +6,7 @@ module Check
       def generate_checks(url)
         [
           {
-            :type => "application",
+            :type => "service",
             :vendor => "Heroku",
             :product =>"Heroku",
             :match_details =>"Heroku",

data/lib/checks/jenkins.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module Check
             :version => nil,
             :match_type => :content_headers,
             :match_content =>  /x-hudson/i,
-            :dynamic_version => lambda { |x| x["details"]["headers"].select{|y| y =~ /x-hudson/}.split(":").last },
+            :dynamic_version => lambda { |x| _first_header_capture(x, /^x-hudson:(.*)$/) },
             :paths => ["#{url}"]
           },
           {
@@ -34,7 +34,7 @@ module Check
             :version => nil,
             :match_type => :content_headers,
             :match_content =>  /x-jenkins/i,
-            :dynamic_version => lambda { |x|  x["details"]["headers"].select{|y| y =~ /x-jenkins/}.split(":").last },
+            :dynamic_version => lambda { |x| _first_header_capture(x, /^x-jenkins:(.*)$/) },
             :paths => ["#{url}"]
           }
         ]

data/lib/checks/jobvite.rb ADDED Viewed

@@ -0,0 +1,25 @@
+module Intrigue
+module Ident
+module Check
+    class Jobvite < Intrigue::Ident::Check::Base
+      def generate_checks(url)
+        [
+          {
+            :type => "service",
+            :vendor =>"Jobvite",
+            :product =>"Jobvite",
+            :match_details =>"jobvite cookie - unconfirmed!!!!",
+            :version => nil,
+            :match_type => :content_cookies,
+            :match_content =>  /ADRUM_BTa/i,
+            :examples => ["http://202.1.239.165:80"],
+            :paths => ["#{url}"]
+          }
+        ]
+      end
+    end
+  end
+  end
+  end

data/lib/checks/lotus.rb CHANGED Viewed

@@ -13,7 +13,9 @@ module Check
             :match_type => :content_headers,
             :version => nil,
             :match_content =>  /server: Lotus-Domino/i,
-            :examples => ["https://12.237.144.251:443"],
+            :examples => [
+              "https://12.237.144.251:443"
+            ],
             :paths => ["#{url}"]
           }
         ]

data/lib/checks/mediawiki.rb CHANGED Viewed

@@ -1,40 +1,24 @@
 module Intrigue
 module Ident
 module Check
-    class MediaWiki < Intrigue::Ident::Check::Base
-      def generate_checks(url)
-        [
-          {
-            :type => "application",
-            :vendor =>"MediaWiki",
-            :product =>"MediaWiki",
-            :match_details =>"MediaWiki",
-            :match_type => :content_body,
-            :version => nil,
-            :match_content =>  /<a href="\/\/www.mediawiki.org\/">Powered by MediaWiki<\/a>/,
-            :paths => ["#{url}"]
-          }
-        ]
-      end
+  class MediaWiki < Intrigue::Ident::Check::Base
+    def generate_checks(url)
+      [
+        {
+          :type => "application",
+          :vendor =>"MediaWiki",
+          :product =>"MediaWiki",
+          :match_details =>"MediaWiki",
+          :match_type => :content_body,
+          :version => nil,
+          :match_content =>  /<a href="\/\/www.mediawiki.org\/">Powered by MediaWiki<\/a>/,
+          :paths => ["#{url}"]
+        }
+      ]
     end
   end
-  end
-  end
-=begin
-all_checks = [{
-  :url => "#{url}",
-  :checklist => [
-  {
-    :product =>"Yoast Wordpress SEO Plugin", # won't be used if we have
-    :match_details =>"Yoast Wordpress SEO Plugin",
-    :match_type => "content",
-    :match_content =>  /<!-- \/ Yoast WordPress SEO plugin. -->/,
-    :test_site => "https://ip-50-62-231-56.ip.secureserver.net",
-    :dynamic_name => lambda{|x| x.scan(/the Yoast WordPress SEO plugin v.* - h/)[0].gsub("the ","").gsub(" - h","") }
-  }
-]},
-=end
+end
+end
+end

data/lib/checks/microsoft.rb CHANGED Viewed

@@ -76,7 +76,7 @@ module Check
             :version => nil,
             :match_type => :content_headers,
             :match_content =>  /x-powered-by: ASP.NET/,
-            :examples => ["http://info.nucor.com:80"],
+            :examples => [],
             :paths => ["#{url}"]
           },
           {
@@ -107,9 +107,7 @@ module Check
             :match_details =>"server header",
             :version => nil,
             :dynamic_version => lambda { |x|
-              x["details"]["headers"].select{ |y|
-                y =~ /server: Microsoft-IIS/ }.first.match(
-                  /server: Microsoft-IIS\/(.*)/).captures.first
+              _first_header_capture x, /server: Microsoft-IIS\/(.*)/
             },
             :match_type => :content_headers,
             :match_content =>  /server: Microsoft-IIS\//,
@@ -164,6 +162,42 @@ module Check
             :examples => ["http://66.162.2.74:80"],
             :paths => ["#{url}"]
           },
+          {
+            :type => "application",
+            :vendor => "Microsoft",
+            :product =>"IIS",
+            :match_details =>"Microsoft IIS Generic Error - 403",
+            :tags => ["error_page"],
+            :version => nil,
+            :match_type => :content_body,
+            :hide => true,
+            :match_content =>  /403 Forbidden. The server denied the specified Uniform Resource Locator (URL)/,
+            :paths => ["#{url}"]
+          },
+          {
+            :type => "application",
+            :vendor => "Microsoft",
+            :product =>"IIS",
+            :match_details =>"Microsoft Generic Error - 503",
+            :tags => ["error_page"],
+            :version => nil,
+            :match_type => :content_body,
+            :hide => true,
+            :match_content =>  /HTTP Error 503. The service is unavailable./,
+            :paths => ["#{url}"]
+          },
+          {
+            :type => "service",
+            :vendor =>"Microsoft",
+            :product =>"Office 365",
+            :match_details =>"office 365 fronted by okta",
+            :version => nil,
+            :match_type => :content_body,
+            :match_content =>  /ok3static.oktacdn.com\/assets\/img\/logos\/office365/i,
+            :examples => ["http://outlook.newscorp.com:80"],
+            :paths => ["#{url}"]
+          },
           {
             :type => "application",
             :vendor => "Microsoft",
@@ -172,7 +206,7 @@ module Check
             :version => nil,
             :match_type => :content_headers,
             :match_content =>  /x-owa-version/,
-            :dynamic_version => lambda { |x|  x["details"]["headers"].select{|y| y =~ /x-owa-version/}.first.split(":").last },
+            :dynamic_version => lambda { |x| _first_header_capture(/x-owa-version:(.*)/) },
             :paths => ["#{url}"]
           },
           {
@@ -184,35 +218,22 @@ module Check
             :match_type => :content_body,
             :match_content =>  /OwaPage\ =\ ASP.auth_logon_aspx/,
             :dynamic_version => lambda { |x|
-              m = x["details"]["hidden_response_data"].match(/href=\"\/owa\/auth\/(.*)\/themes\/resources\/favicon.ico/)
-              return m.captures.first if m
+              _first_body_capture x, /href=\"\/owa\/auth\/(.*)\/themes\/resources\/favicon.ico/
             },
             :paths => ["#{url}"]
           },
           {
             :type => "application",
             :vendor => "Microsoft",
-            :product =>"IIS",
-            :match_details =>"Microsoft IIS Generic Error - 403",
-            :tags => ["error_page"],
+            :product =>"Sharepoint",
+            :match_details =>"Sharepoint cookie",
             :version => nil,
-            :match_type => :content_body,
-            :hide => true,
-            :match_content =>  /403 Forbidden. The server denied the specified Uniform Resource Locator (URL)/,
+            :match_type => :content_headers,
+            :match_content =>  /sprequestguid/,
+            :dynamic_version => lambda { |x| _first_header_capture(x,/microsoftsharepointteamservices:(.*)/) },
+            :examples => ["http://sharepoint.edghelp.realogyfg.com:80"],
             :paths => ["#{url}"]
           },
-          {
-            :type => "application",
-            :vendor => "Microsoft",
-            :product =>"IIS",
-            :match_details =>"Microsoft Generic Error - 503",
-            :tags => ["error_page"],
-            :version => nil,
-            :match_type => :content_body,
-            :hide => true,
-            :match_content =>  /HTTP Error 503. The service is unavailable./,
-            :paths => ["#{url}"]
-          }
         ]
       end

data/lib/checks/new_relic.rb ADDED Viewed

@@ -0,0 +1,25 @@
+module Intrigue
+module Ident
+module Check
+    class NewRelic < Intrigue::Ident::Check::Base
+      def generate_checks(url)
+        [
+          {
+            :type => "service",
+            :vendor => "NewRelic",
+            :product =>"NewRelic",
+            :references => ["https://discuss.newrelic.com/t/relic-solution-what-is-bam-nr-data-net-new-relic-browser-monitoring/42055"],
+            :match_details =>"NewRelic tracking code",
+            :version => nil,
+            :match_type => :content_body,
+            :match_content =>  /bam.nr-data.net/i,
+            :paths => ["#{url}"]
+          }
+        ]
+      end
+    end
+  end
+  end
+  end