Sorry, I sent the unmodified version, here's the right one. Rich. Richard Moore wrote: > I've added a signature for IIS 4.0 / NT Server Option Pack to > this test. > > Cheers > > Rich. -- Richard Moore, Principle Software Engineer, Westpoint Ltd, Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England Tel: +44 161 237 1028 Fax: +44 161 237 1031 # # Written by Renaud Deraison <deraison@private> # if(description) { script_id(11422); script_version ("$Revision: 1.11 $"); # script_cve_id("CVE-MAP-NOMATCH"); name["english"] = "Unconfigured web server"; script_name(english:name["english"]); desc["english"] = " The remote web server seems to have its default welcome page set. It probably means that this server is not used at all. Solution : Disable this service, as you do not use it Risk factor : Low"; script_description(english:desc["english"]); summary["english"] = "Determines if the remote web server has been configured"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2003 Renaud Deraison", francais:"Ce script est Copyright (C) 2003 Renaud Deraison"); family["english"] = "General"; script_family(english:family["english"]); script_dependencie("find_service.nes", "httpver.nasl"); script_require_ports("Services/www", 80); exit(0); } include("http_func.inc"); include("http_keepalive.inc"); port = get_http_port(default:80); if(!get_port_state(port))exit(0); req = http_keepalive_send_recv(port:port, data:http_get(item:"/", port:port)); if(req == NULL) exit(0); req = tolower(req); # # Apache # apache_head = "<title>test page for apache installation</title>"; apache_body = "<p>this page is here because the site administrator has changed the configuration of this web server. please <strong>contact the person responsible for maintaining this server with questions.</strong> the apache software foundation, which wrote the web server software this site administrator is using, has nothing to do with maintaining this site and cannot help resolve configuration issues.</p>"; if(apache_head >< req && apache_body >< req){security_warning(port);exit(0);} apache_head = "<title>test page for the apache web server on red hat linux</title>"; apache_body = "this page is used to test the proper operation of the apache web server after"; if(apache_head >< req && apache_body >< req){security_warning(port);exit(0);} if(egrep(pattern:"<title>test page for .*apache installation on web site</title>", string:req)){security_warning(port);exit(0);} if("<title>test page for the apache http server on fedora core</title>" >< req) { security_warning(port); exit(0); } # # IIS # iis_head = "<title id=titletext>under construction</title>"; iis_body = "the site you were trying to reach does not currently have a default page. it may be in the process of being upgraded."; if(iis_head >< req && iis_body >< req){ security_warning(port); exit(0); } # # IIS 4.0 (NT Server Option Pack) # ntoptionpack_head = "Welcome To IIS 4.0"; ntoptionpack_body = "Microsoft Windows NT 4.0 Option Pack"; if(ntoptionpack_head >< req && ntoptionpack_body >< req){ security_warning(port); exit(0); } # # Domino 6.0 # domino_head = 'body text="#000000" bgcolor="#000000" style="background-image:url(/homepage.nsf/homepage.gif?openimageresource); background-repeat: no-repeat; ">'; domino_body = "/help/help6_client.nsf"; if(domino_head >< req && domino_body >< req){security_warning(port); exit(0); } # # iPlanet 6.0 # iplanet_head = "<title>iplanet web server, enterprise edition 6.0</title>"; iplanet_body = '<frame name="banner" src="banner.html" scrolling="no">'; if(iplanet_head >< req && iplanet_body >< req){security_warning(port); exit(0); } # # Sambar # sambar_head = "<title>sambar server</title>"; sambar_body = "<b>pro server features<b>"; if(sambar_head >< req){security_warning(port); exit(0);} # # NetWare 6.0 # netware_head = "<title>welcome to netware 6</title>"; netware_body = '<frame name="branding" marginwidth="7" marginheight="0" src="brand.html" noresize scrolling="no">'; if (netware_head >< req && netware_body >< req ){security_warning(port); exit(0);} _______________________________________________ Plugins-writers mailing list Plugins-writers@private http://mail.nessus.org/mailman/listinfo/plugins-writers
This archive was generated by hypermail 2.1.3 : Fri Nov 05 2004 - 06:03:17 PST