intrigue-ident 0.49 → 0.51
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/lib/checks/adobe.rb +13 -0
- data/lib/checks/amazon.rb +20 -9
- data/lib/checks/apache.rb +14 -0
- data/lib/checks/atlassian.rb +5 -2
- data/lib/checks/automattic.rb +51 -0
- data/lib/checks/banu.rb +28 -0
- data/lib/checks/base.rb +11 -0
- data/lib/checks/cisco.rb +12 -0
- data/lib/checks/citrix.rb +14 -0
- data/lib/checks/cloudflare.rb +8 -8
- data/lib/checks/craft.rb +25 -0
- data/lib/checks/docuwiki.rb +25 -0
- data/lib/checks/drupal.rb +4 -2
- data/lib/checks/f5.rb +14 -1
- data/lib/checks/generic.rb +19 -4
- data/lib/checks/gitlab.rb +4 -0
- data/lib/checks/google.rb +12 -1
- data/lib/checks/ibm.rb +63 -0
- data/lib/checks/ivanti.rb +27 -0
- data/lib/checks/jamf.rb +26 -0
- data/lib/checks/jekyll.rb +28 -0
- data/lib/checks/jive.rb +25 -0
- data/lib/checks/joomla.rb +1 -0
- data/lib/checks/jupyter.rb +26 -0
- data/lib/checks/lighttpd.rb +28 -0
- data/lib/checks/mailchimp.rb +25 -0
- data/lib/checks/microsoft.rb +39 -7
- data/lib/checks/openresty.rb +25 -0
- data/lib/checks/oracle.rb +59 -3
- data/lib/checks/pantheon.rb +26 -0
- data/lib/checks/php.rb +12 -1
- data/lib/checks/ruckus_wireless.rb +24 -0
- data/lib/checks/tableau.rb +26 -0
- data/lib/checks/zeit.rb +28 -0
- data/lib/checks/zimbra.rb +24 -0
- data/lib/checks/zscaler.rb +1 -1
- data/lib/intrigue-ident.rb +5 -5
- metadata +19 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f91b614544db4600d47b6c438d375db720472ba450931c6fe672291a42b01b5f
|
|
4
|
+
data.tar.gz: 762f2ff05f40d7aef97379be04a5341aca83312d8ff1f859f26336f9e2da7b8f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6e839dc08186fbfe8261848d939e187efffa985fd0b2af8d99455dccf147b84c2e31df84cfb0a3e180051079a2f06406a1873059d7f6c42b79524dd4b0fa2e8e
|
|
7
|
+
data.tar.gz: bfe37dc2199e514692f14838097f37d58bb87260d6671bebe873faccbe10233e53c81d47adcfd12690d14378ef54733c8aaced3c3c1d8046f6c197ec889d1a7c
|
data/Gemfile
CHANGED
data/lib/checks/adobe.rb
CHANGED
|
@@ -16,7 +16,20 @@ class Adobe < Intrigue::Ident::Check::Base
|
|
|
16
16
|
:hide => false,
|
|
17
17
|
:examples => ["https://209.235.70.106:443"],
|
|
18
18
|
:paths => ["#{url}"]
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
:type => "application",
|
|
22
|
+
:vendor => "Adobe",
|
|
23
|
+
:product => "Experience MAnager",
|
|
24
|
+
:version => nil,
|
|
25
|
+
:match_type => :content_body,
|
|
26
|
+
:match_content => /AEM/,
|
|
27
|
+
:match_details => "Adobe Experience Manager",
|
|
28
|
+
:hide => false,
|
|
29
|
+
:examples => ["https://www.ford.com/content/dam/login/core/content/login"],
|
|
30
|
+
:paths => ["#{url}/libs/granite/core/content/login.html"]
|
|
19
31
|
}
|
|
32
|
+
|
|
20
33
|
]
|
|
21
34
|
end
|
|
22
35
|
end
|
data/lib/checks/amazon.rb
CHANGED
|
@@ -8,9 +8,20 @@ class Amazon < Intrigue::Ident::Check::Base
|
|
|
8
8
|
{
|
|
9
9
|
:type => "service",
|
|
10
10
|
:vendor => "Amazon",
|
|
11
|
-
:product =>"Cloudfront
|
|
12
|
-
:match_details =>"
|
|
13
|
-
:version =>
|
|
11
|
+
:product =>"Cloudfront",
|
|
12
|
+
:match_details =>"cloudfront cache header",
|
|
13
|
+
:version => nil,
|
|
14
|
+
:match_type => :content_headers,
|
|
15
|
+
:match_content => /via:.*.cloudfront.net \(CloudFront\)/,
|
|
16
|
+
:hide => false,
|
|
17
|
+
:paths => ["#{url}"]
|
|
18
|
+
},
|
|
19
|
+
{
|
|
20
|
+
:type => "service",
|
|
21
|
+
:vendor => "Amazon",
|
|
22
|
+
:product =>"Cloudfront",
|
|
23
|
+
:match_details =>"Cloudfront - no configured hostname error condition",
|
|
24
|
+
:version => nil,
|
|
14
25
|
:match_type => :content_body,
|
|
15
26
|
:match_content => /ERROR: The request could not be satisfied/,
|
|
16
27
|
:hide => true,
|
|
@@ -19,9 +30,9 @@ class Amazon < Intrigue::Ident::Check::Base
|
|
|
19
30
|
{
|
|
20
31
|
:type => "service",
|
|
21
32
|
:vendor => "Amazon",
|
|
22
|
-
:product =>"Cloudfront
|
|
23
|
-
:match_details =>"Cloudfront - no configured hostname",
|
|
24
|
-
:version =>
|
|
33
|
+
:product =>"Cloudfront",
|
|
34
|
+
:match_details =>"Cloudfront - no configured hostname error condition",
|
|
35
|
+
:version => nil,
|
|
25
36
|
:match_type => :content_headers,
|
|
26
37
|
:match_content => /Error from cloudfront/,
|
|
27
38
|
:hide => true,
|
|
@@ -30,9 +41,9 @@ class Amazon < Intrigue::Ident::Check::Base
|
|
|
30
41
|
{
|
|
31
42
|
:type => "service",
|
|
32
43
|
:vendor => "Amazon",
|
|
33
|
-
:product =>"Cloudfront
|
|
34
|
-
:match_details =>"Cloudfront - 403",
|
|
35
|
-
:version =>
|
|
44
|
+
:product =>"Cloudfront",
|
|
45
|
+
:match_details =>"Cloudfront - 403 error condition",
|
|
46
|
+
:version => nil,
|
|
36
47
|
:match_type => :content_body,
|
|
37
48
|
:match_content => /<h1>403 Forbidden<\/h1><\/center>\n<hr><center>cloudflare/,
|
|
38
49
|
:hide => true,
|
data/lib/checks/apache.rb
CHANGED
|
@@ -48,6 +48,20 @@ class Apache < Intrigue::Ident::Check::Base
|
|
|
48
48
|
:examples => [ "http://15.224.214.203:80" ],
|
|
49
49
|
:paths => ["#{url}"]
|
|
50
50
|
},
|
|
51
|
+
{
|
|
52
|
+
:type => "application",
|
|
53
|
+
:vendor => "Apache",
|
|
54
|
+
:product =>"Sling",
|
|
55
|
+
:references => ["https://sling.apache.org/"],
|
|
56
|
+
:match_details =>"Apache Sling™ is a framework for RESTful web-applications based on an extensible content tree. also note that this may be related to apache experience manager",
|
|
57
|
+
:version => nil,
|
|
58
|
+
:match_type => :content_body,
|
|
59
|
+
:match_content => /<address>Apache Sling<\/address>/i,
|
|
60
|
+
:examples => [
|
|
61
|
+
"https://assets.microncpg.com/"
|
|
62
|
+
],
|
|
63
|
+
:paths => ["#{url}"]
|
|
64
|
+
},
|
|
51
65
|
{
|
|
52
66
|
:type => "application",
|
|
53
67
|
:vendor => "Apache",
|
data/lib/checks/atlassian.rb
CHANGED
|
@@ -56,10 +56,13 @@ class Atlassian < Intrigue::Ident::Check::Base
|
|
|
56
56
|
:match_details =>"Atlassian Jira",
|
|
57
57
|
:version => nil,
|
|
58
58
|
:match_type => :content_cookies,
|
|
59
|
-
:match_content => /atlassian.xsrf.token
|
|
59
|
+
:match_content => /atlassian.xsrf.token=/i,
|
|
60
60
|
:dynamic_version => lambda{ |x|
|
|
61
|
-
_first_body_capture(x,/<
|
|
61
|
+
_first_body_capture(x,/<meta name="ajs-version-number" content="(.*)">/)
|
|
62
62
|
},
|
|
63
|
+
:examples => [
|
|
64
|
+
"http://jira.understood.org/",
|
|
65
|
+
"http://jira.londonandpartners.com:80"],
|
|
63
66
|
:paths => ["#{url}"]
|
|
64
67
|
}
|
|
65
68
|
]
|
data/lib/checks/automattic.rb
CHANGED
|
@@ -5,9 +5,51 @@ module Check
|
|
|
5
5
|
|
|
6
6
|
def generate_checks(url)
|
|
7
7
|
[
|
|
8
|
+
{
|
|
9
|
+
:type => "application",
|
|
10
|
+
:vendor =>"Automattic",
|
|
11
|
+
:tags => ["CMS"],
|
|
12
|
+
:product =>"Wordpress",
|
|
13
|
+
:match_details =>"wordpress generator tag in content",
|
|
14
|
+
:version => nil,
|
|
15
|
+
:match_type => :content_body,
|
|
16
|
+
:match_content => /<meta name="generator" content="WordPress/i,
|
|
17
|
+
:dynamic_version => lambda { |x| _first_body_capture x, /<meta name=\"generator\" content=\"WordPress\ (.*)\" \/>/i },
|
|
18
|
+
:hide => false,
|
|
19
|
+
:examples => [
|
|
20
|
+
"http://www.jewelosco.com:80",
|
|
21
|
+
"http://blog.nolimitvpn.com:80"
|
|
22
|
+
],
|
|
23
|
+
:paths => ["#{url}"]
|
|
24
|
+
},
|
|
25
|
+
{
|
|
26
|
+
:type => "application",
|
|
27
|
+
:vendor =>"Automattic",
|
|
28
|
+
:tags => ["CMS"],
|
|
29
|
+
:product =>"Wordpress",
|
|
30
|
+
:match_details =>"common link",
|
|
31
|
+
:version => nil,
|
|
32
|
+
:match_type => :content_body,
|
|
33
|
+
:match_content => /<link rel='https:\/\/api.w.org\/'/,
|
|
34
|
+
:examples => ["https://staging.blogs.nordstrom.com:443"],
|
|
35
|
+
:paths => ["#{url}"]
|
|
36
|
+
},
|
|
37
|
+
{
|
|
38
|
+
:type => "application",
|
|
39
|
+
:vendor =>"Automattic",
|
|
40
|
+
:tags => ["CMS"],
|
|
41
|
+
:product =>"Wordpress (Hosted)",
|
|
42
|
+
:match_details =>"unique header",
|
|
43
|
+
:version => nil,
|
|
44
|
+
:match_type => :content_headers,
|
|
45
|
+
:match_content => /x-hacker: If you're reading this, you should visit automattic.com/,
|
|
46
|
+
:examples => ["http://192.0.78.12:80"],
|
|
47
|
+
:paths => ["#{url}"]
|
|
48
|
+
},
|
|
8
49
|
{
|
|
9
50
|
:type => "application",
|
|
10
51
|
:vendor => "Automattic",
|
|
52
|
+
:tags => ["CMS"],
|
|
11
53
|
:product =>"Wordpress",
|
|
12
54
|
:match_details =>"Wordpress WP-JSON endpoint",
|
|
13
55
|
:version => nil,
|
|
@@ -18,6 +60,7 @@ module Check
|
|
|
18
60
|
{
|
|
19
61
|
:type => "application",
|
|
20
62
|
:vendor => "Automattic",
|
|
63
|
+
:tags => ["CMS"],
|
|
21
64
|
:product =>"Wordpress",
|
|
22
65
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
23
66
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -29,6 +72,7 @@ module Check
|
|
|
29
72
|
{
|
|
30
73
|
:type => "application",
|
|
31
74
|
:vendor => "Automattic",
|
|
75
|
+
:tags => ["CMS"],
|
|
32
76
|
:product =>"Wordpress",
|
|
33
77
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
34
78
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -40,6 +84,7 @@ module Check
|
|
|
40
84
|
{
|
|
41
85
|
:type => "application",
|
|
42
86
|
:vendor => "Automattic",
|
|
87
|
+
:tags => ["CMS"],
|
|
43
88
|
:product =>"Wordpress",
|
|
44
89
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
45
90
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -51,6 +96,7 @@ module Check
|
|
|
51
96
|
{
|
|
52
97
|
:type => "application",
|
|
53
98
|
:vendor => "Automattic",
|
|
99
|
+
:tags => ["CMS"],
|
|
54
100
|
:product =>"Wordpress",
|
|
55
101
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
56
102
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -62,6 +108,7 @@ module Check
|
|
|
62
108
|
{
|
|
63
109
|
:type => "application",
|
|
64
110
|
:vendor => "Automattic",
|
|
111
|
+
:tags => ["CMS"],
|
|
65
112
|
:product =>"Wordpress",
|
|
66
113
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
67
114
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -73,6 +120,7 @@ module Check
|
|
|
73
120
|
{
|
|
74
121
|
:type => "application",
|
|
75
122
|
:vendor => "Automattic",
|
|
123
|
+
:tags => ["CMS"],
|
|
76
124
|
:product =>"Wordpress",
|
|
77
125
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
78
126
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -84,6 +132,7 @@ module Check
|
|
|
84
132
|
{
|
|
85
133
|
:type => "application",
|
|
86
134
|
:vendor => "Automattic",
|
|
135
|
+
:tags => ["CMS"],
|
|
87
136
|
:product =>"Wordpress",
|
|
88
137
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
89
138
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -95,6 +144,7 @@ module Check
|
|
|
95
144
|
{
|
|
96
145
|
:type => "application",
|
|
97
146
|
:vendor => "Automattic",
|
|
147
|
+
:tags => ["CMS"],
|
|
98
148
|
:product =>"Wordpress",
|
|
99
149
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
100
150
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
|
@@ -106,6 +156,7 @@ module Check
|
|
|
106
156
|
{
|
|
107
157
|
:type => "application",
|
|
108
158
|
:vendor => "Automattic",
|
|
159
|
+
:tags => ["CMS"],
|
|
109
160
|
:product =>"Wordpress",
|
|
110
161
|
:match_details =>"Wordpress TinyMCE Editor",
|
|
111
162
|
:references => ["https://dcid.me/texts/fingerprinting-web-apps.html"],
|
data/lib/checks/banu.rb
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
module Intrigue
|
|
2
|
+
module Ident
|
|
3
|
+
module Check
|
|
4
|
+
class Banu < Intrigue::Ident::Check::Base
|
|
5
|
+
|
|
6
|
+
def generate_checks(url)
|
|
7
|
+
[
|
|
8
|
+
{
|
|
9
|
+
:type => "application",
|
|
10
|
+
:vendor => "Banu",
|
|
11
|
+
:tags => [],
|
|
12
|
+
:product =>"Tinyproxy",
|
|
13
|
+
:match_details =>"server header",
|
|
14
|
+
:version => nil,
|
|
15
|
+
:match_type => :content_headers,
|
|
16
|
+
:match_content => /server: tinyproxy/i,
|
|
17
|
+
:dynamic_version => lambda { |x|
|
|
18
|
+
_first_header_capture(x,/server: tinyproxy\/(.*)/i,)
|
|
19
|
+
},
|
|
20
|
+
:examples => ["http://208.46.69.59:8080"],
|
|
21
|
+
:paths => ["#{url}"]
|
|
22
|
+
}
|
|
23
|
+
]
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
data/lib/checks/base.rb
CHANGED
|
@@ -9,12 +9,19 @@ class Base
|
|
|
9
9
|
|
|
10
10
|
private
|
|
11
11
|
|
|
12
|
+
def _body(content)
|
|
13
|
+
return nil unless content["details"]["hidden_response_data"]
|
|
14
|
+
content["details"]["hidden_response_data"]
|
|
15
|
+
end
|
|
16
|
+
|
|
12
17
|
# matching helpers
|
|
13
18
|
def _first_body_match(content, regex)
|
|
19
|
+
return nil unless content["details"]["hidden_response_data"]
|
|
14
20
|
content["details"]["hidden_response_data"].match(regex)
|
|
15
21
|
end
|
|
16
22
|
|
|
17
23
|
def _first_body_capture(content, regex, filter=[])
|
|
24
|
+
return nil unless content["details"]["hidden_response_data"]
|
|
18
25
|
x = content["details"]["hidden_response_data"].match(regex)
|
|
19
26
|
if x
|
|
20
27
|
x = x.captures.first.strip
|
|
@@ -26,10 +33,12 @@ class Base
|
|
|
26
33
|
end
|
|
27
34
|
|
|
28
35
|
def _first_header_match(content, regex)
|
|
36
|
+
return nil unless content["details"]["headers"]
|
|
29
37
|
content["details"]["headers"].match(regex).first
|
|
30
38
|
end
|
|
31
39
|
|
|
32
40
|
def _first_header_capture(content,regex, filter=[])
|
|
41
|
+
return nil unless content["details"]["headers"]
|
|
33
42
|
x = content["details"]["headers"].join("\n").match(regex)
|
|
34
43
|
if x
|
|
35
44
|
x = x.captures.first
|
|
@@ -41,10 +50,12 @@ class Base
|
|
|
41
50
|
end
|
|
42
51
|
|
|
43
52
|
def _first_cookie_match(content, regex)
|
|
53
|
+
return nil unless content["details"]["cookies"]
|
|
44
54
|
content["details"]["cookies"].match(regex).first
|
|
45
55
|
end
|
|
46
56
|
|
|
47
57
|
def _first_cookie_capture(content, regex, filter=[])
|
|
58
|
+
return nil unless content["details"]["headers"]
|
|
48
59
|
x = content["details"]["cookies"].match(regex)
|
|
49
60
|
if x
|
|
50
61
|
x = x.captures.first.strip
|
data/lib/checks/cisco.rb
CHANGED
|
@@ -5,6 +5,18 @@ module Check
|
|
|
5
5
|
|
|
6
6
|
def generate_checks(url)
|
|
7
7
|
[
|
|
8
|
+
{
|
|
9
|
+
:type => "hardware",
|
|
10
|
+
:vendor => "Cisco",
|
|
11
|
+
:product => "Meraki",
|
|
12
|
+
:match_details => "Meraki logo on an on-prem box",
|
|
13
|
+
:version => nil,
|
|
14
|
+
:match_type => :content_body,
|
|
15
|
+
:match_content => /<img id="header_logo" src="images\/meraki-logo.png"/,
|
|
16
|
+
:hide => false,
|
|
17
|
+
:examples => [],
|
|
18
|
+
:paths => ["#{url}"]
|
|
19
|
+
},
|
|
8
20
|
{
|
|
9
21
|
:type => "application",
|
|
10
22
|
:vendor => "Cisco",
|
data/lib/checks/citrix.rb
CHANGED
|
@@ -28,6 +28,20 @@ module Check
|
|
|
28
28
|
:match_content => /CTXMSAM_LogonFont/,
|
|
29
29
|
:hide => false,
|
|
30
30
|
:paths => ["#{url}"]
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
:type => "application",
|
|
34
|
+
:vendor => "Citrix",
|
|
35
|
+
:product => "Netscaler Gateway",
|
|
36
|
+
:match_details => "misspelled content-length header",
|
|
37
|
+
:tags => ["tech:vpn"],
|
|
38
|
+
:references => ["https://support.citrix.com/article/CTX211605"],
|
|
39
|
+
:version => nil,
|
|
40
|
+
:match_type => :content_headers,
|
|
41
|
+
:match_content => /^cteonnt-length:.*$/,
|
|
42
|
+
:hide => false,
|
|
43
|
+
:paths => ["#{url}"],
|
|
44
|
+
:examples => ["http://204.29.196.116:80"]
|
|
31
45
|
}
|
|
32
46
|
|
|
33
47
|
]
|
data/lib/checks/cloudflare.rb
CHANGED
|
@@ -8,7 +8,7 @@ module Check
|
|
|
8
8
|
{
|
|
9
9
|
:type => "service",
|
|
10
10
|
:vendor => "Cloudflare",
|
|
11
|
-
:product =>"CDN",
|
|
11
|
+
:product => "CDN",
|
|
12
12
|
:version => nil,
|
|
13
13
|
:match_type => :content_cookies,
|
|
14
14
|
:match_content => /__cfduid/i,
|
|
@@ -18,7 +18,7 @@ module Check
|
|
|
18
18
|
{
|
|
19
19
|
:type => "service",
|
|
20
20
|
:vendor => "Cloudflare",
|
|
21
|
-
:product =>"CDN",
|
|
21
|
+
:product => "CDN",
|
|
22
22
|
:version => nil,
|
|
23
23
|
:match_type => :content_headers,
|
|
24
24
|
:match_content => /cloudflare-nginx/i,
|
|
@@ -28,11 +28,11 @@ module Check
|
|
|
28
28
|
{
|
|
29
29
|
:type => "service",
|
|
30
30
|
:vendor => "Cloudflare",
|
|
31
|
-
:product =>"CDN",
|
|
31
|
+
:product => "CDN",
|
|
32
32
|
:tags => ["error_page"],
|
|
33
33
|
:version => nil,
|
|
34
34
|
:match_type => :content_body,
|
|
35
|
-
:match_content =>
|
|
35
|
+
:match_content => /<title>Direct IP access not allowed \| Cloudflare/,
|
|
36
36
|
:match_details =>"Cloudflare - Direct IP Access",
|
|
37
37
|
:hide => true,
|
|
38
38
|
:paths => ["#{url}"]
|
|
@@ -40,7 +40,7 @@ module Check
|
|
|
40
40
|
{
|
|
41
41
|
:type => "service",
|
|
42
42
|
:vendor => "Cloudflare",
|
|
43
|
-
:product =>"CDN",
|
|
43
|
+
:product => "CDN",
|
|
44
44
|
:match_details =>"Cloudflare Error",
|
|
45
45
|
:tags => ["error_page"],
|
|
46
46
|
:version => "",
|
|
@@ -52,11 +52,11 @@ module Check
|
|
|
52
52
|
{
|
|
53
53
|
:type => "service",
|
|
54
54
|
:vendor => "Cloudflare",
|
|
55
|
-
:product =>"CDN",
|
|
55
|
+
:product => "CDN",
|
|
56
56
|
:match_details =>"Cloudfront Error - Direct IP Access",
|
|
57
|
-
:version =>
|
|
57
|
+
:version => nil,
|
|
58
58
|
:match_type => :content_body,
|
|
59
|
-
:match_content => /403\ Forbidden<\/h1><\/center>\n<hr><center>cloudflare<\/center
|
|
59
|
+
:match_content => /403\ Forbidden<\/h1><\/center>\n<hr><center>cloudflare<\/center>/im,
|
|
60
60
|
:hide => true,
|
|
61
61
|
:paths => ["#{url}"]
|
|
62
62
|
}
|
data/lib/checks/craft.rb
ADDED
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
module Intrigue
|
|
2
|
+
module Ident
|
|
3
|
+
module Check
|
|
4
|
+
class Craft < Intrigue::Ident::Check::Base
|
|
5
|
+
|
|
6
|
+
def generate_checks(url)
|
|
7
|
+
[
|
|
8
|
+
{
|
|
9
|
+
:vendor => "Craft",
|
|
10
|
+
:type => "application",
|
|
11
|
+
:product =>"CMS",
|
|
12
|
+
:match_details =>"csrf protection cookie",
|
|
13
|
+
:version => nil,
|
|
14
|
+
:match_type => :content_cookies,
|
|
15
|
+
:match_content => /CRAFT_CSRF_TOKEN/,
|
|
16
|
+
:hide => true,
|
|
17
|
+
:paths => ["#{url}"]
|
|
18
|
+
}
|
|
19
|
+
]
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|