intrigue-ident 0.49 → 0.51

@@ -0,0 +1,25 @@
1
+ module Intrigue
2
+ module Ident
3
+ module Check
4
+ class OpenResty < Intrigue::Ident::Check::Base
5
+
6
+ def generate_checks(url)
7
+ [
8
+ {
9
+ :type => "service",
10
+ :vendor =>"OpenResty",
11
+ :product =>"OpenResty",
12
+ :match_details =>"server header for OpenResty",
13
+ :version => nil,
14
+ :match_type => :content_headers,
15
+ :match_content => /server: openresty/i,
16
+ :examples => ["http://54.164.224.102:80"],
17
+ :paths => ["#{url}"]
18
+ }
19
+ ]
20
+ end
21
+
22
+ end
23
+ end
24
+ end
25
+ end
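Review bot: The new OpenResty check sets `:version => nil` and defines no `:dynamic_version`, so a match is reported without a version even when the Server header carries one. The Oracle and Zeit checks in this release already use `_first_header_capture` for this; a parallel entry here would be `:dynamic_version => lambda { |x| _first_header_capture(x,/server: openresty\/([\d.]+)/i) },`. This assumes `_first_header_capture` returns nil when nothing matches, which is not visible on this page.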
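--- a/data/lib/checks/oracle.rb
+++ b/data/lib/checks/oracle.rb
@@ -5,7 +5,7 @@ module Check
 
  def generate_checks(url)
  [
- {
+ { # TODO are HTTP-server and application-server the same thing?
  :type => "application",
  :vendor => "Oracle",
  :product =>"Application Server",
@@ -15,8 +15,10 @@ module Check
  :match_type => :content_headers,
  :match_content => /server: Oracle-Application-Server/,
  :hide => false,
- :dynamic_version => lambda { |x| _first_header_capture(x,/server:.*\/(.*) Oracle-HTTP-Server,/) },
- :examples => ["https://63.85.74.53:443"],
+ :dynamic_version => lambda { |x|
+ _first_header_capture(x,/server:.*\/(.*) Oracle-HTTP-Server,/) || _first_header_capture(x,/server: Oracle-Application-Server-(.*)/) },
+ :examples => ["https://63.85.74.53:443","https://rss.tomthumb.com:443"],
+ :verify => ["YWxiZXJ0c29ucyNJbnRyaWd1ZTo6RW50aXR5OjpVcmkjaHR0cHM6Ly9yc3MudG9tdGh1bWIuY29tOjQ0Mw=="],
  :paths => ["#{url}"]
  },
  {
@@ -47,6 +49,47 @@ module Check
  :examples => ["http://52.2.97.57:80"],
  :paths => ["#{url}"]
  },
+ {
+ :type => "application",
+ :vendor => "Oracle",
+ :product =>"Java",
+ :match_details =>"JSESSIONID cookie",
+ :references => ["https://javarevisited.blogspot.com/2012/08/what-is-jsessionid-in-j2ee-web.html"],
+ :version => nil,
+ :match_type => :content_cookies,
+ :match_content => /JSESSIONID=/,
+ :hide => false,
+ :examples => ["https://birdcam.xcelenergy.com:443"],
+ :paths => ["#{url}"]
+ },
+ { # TODO - this will tell us J2EE versions, see references!!!
+ :type => "application",
+ :vendor => "Oracle",
+ :product =>"Java Application Server",
+ :match_details =>"x-header",
+ :references => ["http://www.ntu.edu.sg/home/ehchua/programming/java/javaservlets.html"],
+ :version => nil,
+ :dynamic_version => lambda { |x| _first_header_capture(x,/^x-powered-by: Servlet\/(.*)JSP.*$/) },
+ :match_type => :content_headers,
+ :match_content => /x-powered-by: Servlet/,
+ :hide => false,
+ :paths => ["#{url}"],
+ :examples => ["http://165.160.15.20/"]
+ },
+ { # TODO - this will tell us J2EE versions, see references!!!
+ :type => "application",
+ :vendor => "Oracle",
+ :product =>"Java Server Pages",
+ :match_details =>"x-header",
+ :references => ["http://www.ntu.edu.sg/home/ehchua/programming/java/javaservlets.html"],
+ :version => nil,
+ :dynamic_version => lambda { |x| _first_header_capture(x,/^x-powered-by: Servlet\/.*JSP\/(.*)$/) },
+ :match_type => :content_headers,
+ :match_content => /x-powered-by: Servlet\/.*JSP.*/,
+ :hide => false,
+ :paths => ["#{url}"],
+ :examples => ["http://165.160.15.20/"]
+ },
  {
  :type => "application",
  :vendor => "Oracle",
@@ -64,6 +107,19 @@ module Check
  :hide => false,
  :examples => ["https://reset.oxy.com:443"],
  :paths => ["#{url}"]
+ },
+ {
+ :type => "application",
+ :vendor => "Oracle",
+ :product =>"Weblogic",
+ :match_details =>"weblogic fault / fail",
+ :references => ["https://coderanch.com/t/603067/application-servers/Calling-weblogic-webservice-error"],
+ :version => nil,
+ :match_type => :content_body,
+ :match_content => /<faultcode>env:WebServiceFault/,
+ :hide => false,
+ :examples => ["https://css-ewebsvcs.freddiemac.com:443"],
+ :paths => ["#{url}"]
  }
  ]
  end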
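Review bot: The `:verify` entry added beside `:examples` in the Oracle-Application-Server check is a Base64 string that appears to decode to a project label, an entity class name and the `rss.tomthumb.com` URL, so what looks like an internal scan reference ships inside the public gem. If the matcher never reads `:verify`, the key should be dropped; if it does, it should carry a neutral fixture value rather than an identifier taken from a scan. In the same hunk the fallback capture `/server: Oracle-Application-Server-(.*)/` is greedy, so anything the server appends after the version would be reported as part of it. A bounded group such as `(\S+)` would likely be safer, depending on how `_first_header_capture` presents header text to the regex. `generate_checks` begins outside the visible hunks.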
@@ -0,0 +1,26 @@
1
+ module Intrigue
2
+ module Ident
3
+ module Check
4
+ class Pantheon < Intrigue::Ident::Check::Base
5
+
6
+ def generate_checks(url)
7
+ [
8
+ {
9
+ :type => "service",
10
+ :vendor => "Pantheon",
11
+ :product => "Pantheon",
12
+ :tags => ["CMS"],
13
+ :match_details => "x-pantheon-site header",
14
+ :version => nil,
15
+ :match_type => :content_headers,
16
+ :match_content => /x-pantheon-site/,
17
+ :paths => ["#{url}"]
18
+ }
19
+
20
+ ]
21
+ end
22
+
23
+ end
24
+ end
25
+ end
26
+ end
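Review bot: `:match_content => /x-pantheon-site/` is case-sensitive, while the other header checks added in this release (OpenResty, Zeit, PHP) use `/i`. Whether the matcher lower-cases header text before applying the regex is not visible here; if it does not, a response sending `X-Pantheon-Site` is missed, and `/x-pantheon-site:/i` would cover both spellings. The check also has no `:examples` entry, so there is no known-good target to regression-test the pattern against.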
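--- a/data/lib/checks/php.rb
+++ b/data/lib/checks/php.rb
@@ -9,7 +9,7 @@ module Check
  :type => "application",
  :vendor =>"PHP",
  :product =>"PHP",
- :match_details =>"",
+ :match_details =>"x-powered-by header",
  :version => nil,
  :match_type => :content_headers,
  :match_content => /x-powered-by: PHP/i,
@@ -18,6 +18,17 @@ module Check
  },
  :examples => ["http://78.40.183.96:8081"],
  :paths => ["#{url}"]
+ },
+ {
+ :type => "application",
+ :vendor =>"PHP",
+ :product =>"PHP",
+ :match_details =>"cookie",
+ :version => nil,
+ :match_type => :content_cookies,
+ :match_content => /PHPSESSID=/i,
+ :examples => ["http://107.20.49.246:80"],
+ :paths => ["#{url}"]
  }
  ]
  end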
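Review bot: `:match_details =>"cookie"` on the new PHPSESSID check says less than its neighbours: the first check in this file now reads "x-powered-by header", and the Oracle check added in this release uses "JSESSIONID cookie". `:match_details =>"PHPSESSID cookie"` would make a reported match self-explanatory. Because PHP's `session.name` is configurable, a miss on this check does not rule PHP out; a one-line comment such as `# default session cookie name only; sites can rename it` would record that limit. `generate_checks` begins outside the visible hunks.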
@@ -0,0 +1,24 @@
1
+ module Intrigue
2
+ module Ident
3
+ module Check
4
+ class RuckusWireless < Intrigue::Ident::Check::Base
5
+
6
+ def generate_checks(url)
7
+ [
8
+ {
9
+ :type => "application",
10
+ :vendor =>"Ruckus Wireless",
11
+ :product =>"Admin",
12
+ :match_details =>"login page for ruckus wireless device",
13
+ :match_type => :content_body,
14
+ :match_content => /<title>Ruckus Wireless Admin/i,
15
+ :examples => [],
16
+ :paths => ["#{url}"]
17
+ }
18
+ ]
19
+ end
20
+
21
+ end
22
+ end
23
+ end
24
+ end
@@ -0,0 +1,26 @@
1
+ module Intrigue
2
+ module Ident
3
+ module Check
4
+ class Tableau < Intrigue::Ident::Check::Base
5
+
6
+ def generate_checks(url)
7
+ [
8
+ {
9
+ :type => "application",
10
+ :vendor => "Tableau",
11
+ :product => "Tableau",
12
+ :match_details => "Tableau Server",
13
+ :version => nil,
14
+ :references => ["https://community.tableau.com/thread/165653"],
15
+ :match_type => :content_body,
16
+ :match_content => /<meta name="vizportal-config" data-buildId=/i,
17
+ :examples => ["http://137.154.26.56:80"],
18
+ :paths => ["#{url}"]
19
+ }
20
+ ]
21
+ end
22
+
23
+ end
24
+ end
25
+ end
26
+ end
@@ -0,0 +1,28 @@
1
+ module Intrigue
2
+ module Ident
3
+ module Check
4
+ class Zeit < Intrigue::Ident::Check::Base
5
+
6
+ def generate_checks(url)
7
+ [
8
+ {
9
+ :type => "application",
10
+ :vendor =>"Zeit",
11
+ :product =>"Next.js",
12
+ :match_details =>"x-powered-by header",
13
+ :references => ["https://zeit.co/blog/next"],
14
+ :match_type => :content_headers,
15
+ :match_content => /x-powered-by: Next.js/i,
16
+ :dynamic_version => lambda { |x|
17
+ _first_header_capture(x,/sx-powered-by: Next.js\ (.*)/i)
18
+ },
19
+ :examples => ["http://static.invisionapp.com:80"],
20
+ :paths => ["#{url}"]
21
+ }
22
+ ]
23
+ end
24
+
25
+ end
26
+ end
27
+ end
28
+ end
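Review bot: The `:dynamic_version` regex inside the lambda begins with `sx-powered-by`, while `:match_content` just above it matches `x-powered-by: Next.js`. With the stray `s`, the capture will almost certainly never match the header the check fired on, so the version stays empty. The likely intent is `_first_header_capture(x,/x-powered-by: Next\.js (.*)/i)`, which also escapes the `.` so it stops matching any character. The same unescaped `.` is in `:match_content`.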
@@ -0,0 +1,24 @@
1
+ module Intrigue
2
+ module Ident
3
+ module Check
4
+ class Zimbra < Intrigue::Ident::Check::Base
5
+
6
+ def generate_checks(url)
7
+ [
8
+ {
9
+ :type => "service",
10
+ :vendor =>"Zimbra",
11
+ :product =>"Server",
12
+ :match_details =>"login page for zimbra",
13
+ :match_type => :content_body,
14
+ :match_content => /<title>Zimbra Web Client Sign In/i,
15
+ :examples => ["https://219.84.198.177:443"],
16
+ :paths => ["#{url}"]
17
+ }
18
+ ]
19
+ end
20
+
21
+ end
22
+ end
23
+ end
24
+ end
@@ -1,7 +1,7 @@
1
1
  module Intrigue
2
2
  module Ident
3
3
  module Check
4
- class Restlet < Intrigue::Ident::Check::Base
4
+ class Zscaler < Intrigue::Ident::Check::Base
5
5
 
6
6
  def generate_checks(url)
7
7
  [
@@ -11,7 +11,7 @@ Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
11
11
  module Intrigue
12
12
  module Ident
13
13
 
14
- VERSION=0.49
14
+ VERSION=0.51
15
15
 
16
16
  def generate_requests_and_check(url)
17
17
 
@@ -51,7 +51,7 @@ module Intrigue
51
51
  results.compact
52
52
  end
53
53
 
54
- def check_intrigue_uri(intrigue_uri_data)
54
+ def check_intrigue_uri_hash(intrigue_uri_data)
55
55
 
56
56
  results = []
57
57
 
@@ -70,7 +70,7 @@ module Intrigue
70
70
 
71
71
  # call each check, collecting the product if it's a match
72
72
  ggc.last.each do |check|
73
- results << _match_uri(check, intrigue_uri_data)
73
+ results << _match_uri_hash(check, intrigue_uri_data)
74
74
  end
75
75
  end
76
76
 
@@ -106,7 +106,7 @@ module Intrigue
106
106
  }
107
107
  end
108
108
 
109
- def _match_uri(check,data)
109
+ def _match_uri_hash(check,data)
110
110
  return nil unless check && data
111
111
 
112
112
  #puts "Trying to match #{check[:vendor]} #{check[:product]}: #{data["details"]["cookies"][0..10]}"
@@ -199,7 +199,7 @@ module Intrigue
199
199
  data["details"]["response_data_hash"] = Digest::SHA256.base64digest("#{response.body}")
200
200
 
201
201
  # call the actual matcher & return
202
- _match_uri check, data
202
+ _match_uri_hash check, data
203
203
  end
204
204
 
205
205
  def _http_request(method, uri_string, credentials=nil, headers={}, data=nil, limit = 10, open_timeout=15, read_timeout=15)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: intrigue-ident
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.49'
4
+ version: '0.51'
5
5
  platform: ruby
6
6
  authors:
7
7
  - jcran
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-07-09 00:00:00.000000000 Z
11
+ date: 2018-07-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -71,13 +71,16 @@ files:
71
71
  - lib/checks/aruba.rb
72
72
  - lib/checks/atlassian.rb
73
73
  - lib/checks/automattic.rb
74
+ - lib/checks/banu.rb
74
75
  - lib/checks/base.rb
75
76
  - lib/checks/chef.rb
76
77
  - lib/checks/cisco.rb
77
78
  - lib/checks/citrix.rb
78
79
  - lib/checks/cloudflare.rb
79
80
  - lib/checks/cpanel.rb
81
+ - lib/checks/craft.rb
80
82
  - lib/checks/django.rb
83
+ - lib/checks/docuwiki.rb
81
84
  - lib/checks/drupal.rb
82
85
  - lib/checks/f5.rb
83
86
  - lib/checks/fastly.rb
@@ -88,13 +91,21 @@ files:
88
91
  - lib/checks/groovy.rb
89
92
  - lib/checks/heroku.rb
90
93
  - lib/checks/hp.rb
94
+ - lib/checks/ibm.rb
95
+ - lib/checks/ivanti.rb
96
+ - lib/checks/jamf.rb
97
+ - lib/checks/jekyll.rb
91
98
  - lib/checks/jenkins.rb
99
+ - lib/checks/jive.rb
92
100
  - lib/checks/jobvite.rb
93
101
  - lib/checks/joomla.rb
102
+ - lib/checks/jupyter.rb
103
+ - lib/checks/lighttpd.rb
94
104
  - lib/checks/limesuvey.rb
95
105
  - lib/checks/lithium.rb
96
106
  - lib/checks/lotus.rb
97
107
  - lib/checks/magento.rb
108
+ - lib/checks/mailchimp.rb
98
109
  - lib/checks/mcafee.rb
99
110
  - lib/checks/mediawiki.rb
100
111
  - lib/checks/microsoft.rb
@@ -102,8 +113,10 @@ files:
102
113
  - lib/checks/new_relic.rb
103
114
  - lib/checks/nginx.rb
104
115
  - lib/checks/okta.rb
116
+ - lib/checks/openresty.rb
105
117
  - lib/checks/oracle.rb
106
118
  - lib/checks/palo_alto.rb
119
+ - lib/checks/pantheon.rb
107
120
  - lib/checks/pardot.rb
108
121
  - lib/checks/pfsense.rb
109
122
  - lib/checks/php.rb
@@ -111,12 +124,16 @@ files:
111
124
  - lib/checks/pivotal.rb
112
125
  - lib/checks/rabbitmq.rb
113
126
  - lib/checks/restlet.rb
127
+ - lib/checks/ruckus_wireless.rb
114
128
  - lib/checks/sailpoint.rb
129
+ - lib/checks/tableau.rb
115
130
  - lib/checks/team_city.rb
116
131
  - lib/checks/telerik.rb
117
132
  - lib/checks/varnish.rb
118
133
  - lib/checks/vmware.rb
119
134
  - lib/checks/wp_engine.rb
135
+ - lib/checks/zeit.rb
136
+ - lib/checks/zimbra.rb
120
137
  - lib/checks/zscaler.rb
121
138
  - lib/intrigue-ident.rb
122
139
  - util/check.rb